the (un)real thoughts of realbt

The thing about object-oriented design is that it’s not always necessarily the best design choice. Sometimes, in a small piece of code (I’m thinking a script, for the most part) you’re better off writing it functionally. In fact, often times in this situation you will have less code if you do not do OO design.

With Java and .Net and the rest of them, OO design is being pushed from all directions. And while it is true that is probably the better abstract design methodology that we have today, it doesn’t mean that it’s the bees knees in the grand scheme of things.

Sometimes, it’s just not necessary; period. Not everything needs to be OO. So, get off your OO band wagon and start making some intuitive design choices. Just because something is OO doesn’t mean it’s inherently better than that which is not.

We all know there are flaws in Windows. So I won’t write about that. (Just as a point of clarification: I’m talking about the NT/2000/XP variants of Windows.)

And I also won’t talk about how there are flaws in all software systems; it’s just sort of inherent to the way things are, especially given that there are malicious people out there who seem to have nothing better to do.

What I will talk about is how scary things are getting for Windows users. Some findings are suggesting that the length of time an unprotected Windows PC can last on the Internet has been cut nearly in half in a short period of time thanks to all sorts of stuff. And I can’t get over how quickly this is happening.

For the longest time, I hadn’t run into any of these hostile PC take-overs before. I’ve always run my Windows systems behind strong firewalls denying almost all trafic. Relatively dumb firewalls, no doubt; but ones that worked. (I’ve never been very keen on those annoying firewalls that pop dialogues up everytime a program tries to access the internet).

But recently at work, and also some friends’ Windows PCs, I’ve had to do some clean-up. Noticing that there are several to a dozen strange processes running taking up an unusually large amount of memory and CPU time, I had to do something.

So out comes Ad-Aware and Spybot and whatever other anti-spyware applications I decide to use at the time. I run these, requiring a full disk scan, which in some cases, removes a dozens of registry entries, files and processes. Then comes Stinger, NAI’s free virus/trojan remover. This also requires a full disk scan.

But these don’t always kill everything. There’s still junk left.

So the frustration mounts, and ultimately, it always comes back to Windows. Why was it designed this way? There are dozens of people out there with File and Printer Sharing enabled on their network cards plugged into the internet. This is so ridiculously unsecure, it’s a joke. Someone can take-over your PC in minutes with this not secured correctly. Then there are the various other Windows services, like Remote Registry. Why are these enabled by default?

I’m looking for answers as to why these things were so poorly thought out. But even an 100% patched, newly shipped Windows 2000 system with no protection is vulnerable.

Why has Microsoft done this?