A Neutral Look at Operating Systems/Microsoft Windows

Windows is the most widely used OS for home and business desktop use, and thus is well supported by software developers. Early versions of Windows were based on Microsoft's DOS (Disk Operating System), and were therefore not designed with persistent network connections in mind (unlike UNIX; see below). This posed a problem for Windows' growth because as persistent network connections have become more commonplace, so have the risks of viruses, malware and other security breaches. A major redesign that began with Windows NT aims to address this.

Windows 1, Windows 2, Windows 3, Windows 3.1, Windows 3.11, Windows 3.12 edit

These early versions of Windows were based (concurrently with Apple's) on the XEROX PARC concept of WIMPS (Windows, Icons, Menus, Pointing System) and were little more than a pretty Graphical User Interface on top of MSDOS. In fact, versions in the 1.x and 2.x families had as their main shell a text-based directory listing, and their programs do not work on newer versions of Windows. The early versions were not popular: most users stayed with DOS until Windows 3.1 came along with rather simple networking support. Novell and others exploited the opportunity that Microsoft had left, but they failed to recognise the emerging Internet Standard, TCP/IP. This critical error allowed Microsoft to regain control, albeit with little concern at the time for complete and secure implementations.

Windows 95, Windows 98, Windows 98 SE, Windows Me edit

Windows 95 introduced pre-emptive multitasking to the consumer Windows family. This was very important at the time, as Windows had gained (with hindsight, unfairly) a reputation for being unstable; in reality, however, the large majority of the errors were in the applications and third-party drivers that Windows ran. Pre-emptive multitasking allowed for an application to fail without bringing down the whole machine. Nevertheless, these versions of Windows still lacked adequate housekeeping, such that a failing application could leave the memory in such a mess that a reboot was needed. In practice, however, most people using commercial applications saw relatively few crashes. Three fundamental problems remained:

• there was no hard wall preventing a user application to run at kernel level;
• there was nothing to distinguish data memory from instruction memory; and
• there was no concept of Administrator or Super-user; ordinary users had full control but lacked the knowledge to manage it. The system was delivered with critical TCP/IP functions exposed.

All of these made the world's most popular operating system a sitting duck for malware authors. However, as Windows became more popular as a malware target, some other OS's seem to have lagged in security as well since they are very rarely targeted.

Windows NT, Windows 2000, Windows XP, Windows 2003 edit

The availability of 32-bit memory addressing allowed Microsoft to redevelop large parts of the OS to meet the standards needed to drive on the "Information Superhighway". Top software designers were headhunted from Digital Equipment Corporation to redesign the OS from the ground up. They designed and developed Windows NT ("New Technology"), discarding much of the DOS framework. Windows NT is, by design, more secure than previous versions of Windows. Microsoft eventually phased out all DOS-based versions of Windows in favor of the NT-based varieties. Windows 2000, Windows XP, Windows 2003, and Windows Vista are all based on Windows NT architecture.

• As an interesting sidenote, Windows NT (WNT) was marketed as "Windows New Technology", and was often guessed by users to be "Windows Networking Technology" because networking was made native to Windows NT. It has later been disclosed, however, that WNT was actually a play on VMS (another operating system) - in the same manner as 2001: A Space Odyssey's HAL was supposedly a play on IBM.

In designing the Windows operating systems, Microsoft had decided that user friendliness was the main goal of the design. As a side effect, Windows systems generally did not have adequate security settings enabled by default, even in NT-based versions until the release of Windows XP SP2 and Windows Vista, and therefore could still be compromised if connected "out-of-the-box" to the Internet directly. In fact, many users have complained that their computers became infected with various worms and viruses even while installing Windows XP. However, since the release of Windows Vista - the first Microsoft operating system to be developed using the Trust Computing Development Lifecycle, these problems have largely become irrelevant. Windows includes software for sharing an Internet connection between Windows computers connected on the same network, as well as rudimentary firewall software for protecting the network. Since Windows Vista, Microsoft ships an anti-spyware solution built-in and a free anti-virus solution called Microsoft Security Essentials is currently in beta, with plans to be made available for free to all users of Genuine Windows. For even better security (usually recommended for home or small business networks), a separate hardware-based switch with an integrated firewall is a wiser solution. Such hardware can be purchased for as little as $30 US. (This security measure can, in fact, be used with any operating system, not just Windows.)

A 2008 study comparing the source code quality of Linux, the Windows Research Kernel (a derivative of the Windows 2003 Kernel), FreeBSD and Solaris found that the quality of code was roughly equivalent^[1]

See Windows Software. Windows NT and VMS: The Rest of the Story.