Windows: An Overview
| A Wikibookian suggests that this book or chapter be merged into Windows Programming.
Please discuss whether or not this merge should happen on the discussion page.
| A Wikibookian believes this page should be split into smaller pages with a narrower subtopic.
You can help by splitting this big page into smaller ones. Please make sure to follow the naming policy. Dividing books into smaller sections can provide more focus and allow each one to do one thing well, which benefits everyone.
At the time of this era, the Microsoft Windows family of operating systems runs the vast majority of the world's home computers. How did Windows rapidly become the dominant operating system for home use on the planet?
- 1 History
- 1.1 Predecessors
- 1.2 Inception
- 1.3 16-Bit Versions
- 1.4 32-Bit Versions
- 1.5 64-Bit Versions
- 1.6 Design Goals
- 2 Installation
- 3 Configuration
- 4 Using Windows
- 5 Optimizing Performance
- 5.1 General Tips
- 5.2 Processor Scheduling
- 5.3 Internet Speed
- 5.4 Trimming the OS
- 5.5 Side Note
- 5.6 Windows CE
- 5.7 Windows 9x
- 5.8 Windows XP / 2000 / Server 2003
- 5.9 Xsetup
- 6 Other Platforms
- 7 Microsoft's Development Cycle
- 8 The Windows Version Lifecycle
- 9 The Future
- 10 Appendix: Key combinations
Microsoft Windows began as a GUI add-on to DOS. The early versions of Windows required DOS to be installed first. The first version that did not require DOS to be pre-installed was Windows 95. Early on, Windows split into two branches - the DOS-based branch and the NT based branch. Today, The DOS-based branch has been discontinued due to bugs (errors in software), Lack of hardware support, and instability. All versions of Windows since Windows NT 3.1 (these are Windows NT 3.1, NT 4.0, Windows 2000, XP, Vista, 7, and 8) are NT based.
Here are the predecessors to Microsoft Windows 95 in the order of release:
Windows 2.1 (Windows/286, Windows/386, and Windows/486)
Windows 3.1 (with a respective Windows for Workgroups release)
Windows 3.11 (also with a respective Windows for Workgroups release)
Windows 3.2 (a minor update to 3.1 for Simplified Chinese support, also with a respective Windows for Workgroups release)
The CP/M Operating System, first written by Gary Kildall in PL/M, a language of his own invention, in 1975. It was written for the Intel 8080 CPU, which was the power behind such legendary machines as the Altair 8800 and the IMSAI 8080, one of which was used in the movie 'War Games'. The system was very popular among those early computer users, and saw the introduction of many new devices, such as the 5 1/4" floppy disk drive and the hard disk drive. In 1980, when IBM was building its first PC, they went to Gary Kindall, who didn't think the system would take off. It might interest you to know that one or two years later, the CP/M-86 OS was released independently of IBM, and cost about ten times what the then-new MS-DOS system did. Initially CP/M had many advanced features that MS-DOS did not have. However, because Gary did not want break off from his licensed based distribution of CP/M rather than accepting the OEM based distribution IBM wanted, Microsoft's MS-DOS was chosen to be the choice on the IBM PC. In addition to this, many of CP/M's features, such as multi-level directories and hard drive support, were not really thought of as needed.
DOS stands for Disk Operating System. A product called Microsoft DOS was released by Microsoft in 1981 for the IBM Personal Computer. It offered file system access to FAT partitions and had tools for editing, programming, and management. Later versions would support a semi-graphical navigator, and the ability to mount remote shares. Microsoft DOS had a long-lasting effect on the computer world, a very scaled down version of Microsoft DOS was present in every Windows OS including the recent Windows Vista (and the Windows NT operating systems, Windows 2000, Windows Server 2003, and Windows XP).
New Key Features: Overlapped windows and icons Windows 2.0 came with the ability to let windows and icons are overlapped. Windows can be freely resized and moved in the screen. 386 enhanced mode to take advantage of memory larger than 640K There are two versions of Windows 2.0. The first version of Windows 2.0 was called Windows/286 later after Microsoft releases Windows 2.0 with support of 386 enhanced modes, which is called Windows/386. The 386 enhanced modes gave the system the capability to run multiple MS-DOS applications simultaneously in extended memory.
Microsoft was not the first company to investigate the use of a Graphical User Interface, or GUI, to control a personal computer. Microsoft uses private servers to run Windows. That distinction belongs to the Xerox Corporation's Palo Alto Research Center (Xerox PARC). Xerox demonstrated seven key ideas whose strategic importance were immediately apparent to both Microsoft and Apple, and critical to the success of both the Apple Macintosh and Microsoft Windows:
1. The use of a windowing system to give a user common presentation and operation of different applications,
2. The concept and use of a mouse to navigate that system,
3. A clear demonstration that multitasking (running several applications at the same time) could actually be useful to home and business users,
4. The demonstration of a laser printer, which significantly increased the potential for desktop publishing,
5. That a computer could potentially be used by an operator with little or no training,
6. That such an operator, once familiarized with the system, would be strongly opposed to moving back to a more complicated environment,
7. That such a computer could be networked.
The impact of that final idea took a long time to be fully realized- Windows certainly did not embrace it, or even support it, initially- but the whole package really was demonstrated that long ago.
Why Xerox wasn't able to capitalize on its own strokes of genius would be (and, indeed, is) another book, in and of itself.
Most Personal Computers are using Intel X86 instruction sets. As long as they are using the same instruction sets, they can perform the same job. That is, 286, 386, 486, Pentium and many other types of processors are equally well. The only differences between them are the speed, and memory addressing capability. Although 086 and 286 are using the same X86 instruction set, however, because of having some troubles on addressing the high memory, therefore, many programs are not able the run on these older processors.
Windows 3.0 - 3.1Edit
386 Enhanced mode implemented all the benefits of Standard mode, plus 32-bit addressing and paging for faster memory access, and virtual 8086 mode for safer execution of MS-DOS programs: each of them now ran in a virtual machine. In the previous modes, multiple MS-DOS programs could only be run in full-screen, and only the program currently active was executing; but in 386 enhanced mode, they could be run simultaneously in separate windows. This mode required a 386 processor and 1 MB of extended memory (in addition to the base 640KB) – beyond the specifications of most PCs sold in 1990.
Windows for WorkgroupsEdit
A Winsock package was required to support TCP/IP networking in Windows 3.x. Usually, third-party packages were used, but in August 1994, Microsoft released an add-on package (codenamed Wolverine) that provided TCP/IP support in Windows for Workgroups 3.11. Wolverine was a 32-bit stack (accessible from 16-bit Windows application via WinSock thunks), which gave it superior performance to most of the third-party TCP/IP Windows stacks available. However, it was only compatible with Windows for Workgroups 3.11 and lacked support for dial-up. The Wolverine stack was an early version of the TCP/IP stack that would later ship with Windows 95 and provided an early testbed for the 16-to-32-bit compatibility layer that was crucial to Windows 95's success.
The increased address-space size in 32-bit Windows impacts 16-bit code in several ways: •Pointers are all 32 bits wide and are no longer near or far, and your code cannot make assumptions based on segmented memory. •Window handles to other objects (such as pens, brushes, and menus), and graphics coordinates have increased to 32 bits. Thus, you cannot use types such as WORD interchangeably with HWND as you could in 16-bit Windows. •Message handlers must be rewritten because the different sizes can change the way information is packed in some message parameters. •The larger size of graphics coordinates affects a number of function calls. The key areas of 16-bit code affected by these changes are: •Window procedure declarations •Near and far type declarations •Data types •Messages •Calls to API functions •WinMain function For a thorough discussion of 32-bit adaptations in each of these areas, see Porting 16-Bit Code to 32-Bit Windows.
MS-DOS and all previous versions of Windows were single-user systems. NT, however, supports multiprogramming, so several users can work on the same machine at the same time. For example, a network server may have multiple users logged in simultaneously over a network, each accessing its own files in a protected way.
The first 32-bit operating system in the Windows Family outside of Windows NT. But still, it is easier to crash than Windows NT (but harder to crash than Windows 3.1), and relative to Windows NT, not very stable. This project has been abandoned years ago.
An update to the Windows 95.
In computing, the Windows Driver Model (WDM) — also known at one point as the Win32 Driver Model — is a framework for device drivers that was introduced with Windows 98 and Windows 2000 to replace VxD, which was used on older versions of Windows such as Windows 95 and Windows 3.1, as well as the Windows NT Driver Model.
Windows 98 SEEdit
Windows 98 SE (Second Edition) included DVD support)
This version of Microsoft Windows preceded Windows XP. Its core functionality is very similar, but it lacks some of the features later added to XP. Many continue to use 2000 instead of XP because they believe the extra XP features are unnecessary and cause the computer to run slower. Windows 2000 is the final NT-based system without activation.
Windows Millennium Edition was meant to bring an end to the 95/DOS line of OS's, although it still contains DOS 8.00. It sported new features in the multimedia area, such as Windows Movie Maker 1.0 and Windows Media Player 7. It also had other important new features such as System Restore. Most of the new features were continued into Windows XP making XP what it is. Windows Me is the final DOS-based system without activation.
Windows XP was originally released in the year 2001. It included improved graphics and a more user-friendly environment. Windows XP was built on the core of Windows 2000 but adds greater stability for most desktop users plus a fancier graphical user interface. Although the goal of perfect security continues to elude the OS, Service Pack 2 (SP2) improves matters over the original release and rolls up enhancements added between release and mid-2004.
Windows 2003 Server/Advanced ServerEdit
Windows Server 2003 (sometimes referred to as Win2K3) is a server operating system produced by Microsoft, introduced on 24 April 2003. An updated version, Windows Server 2003 R2, was released to manufacturing on 6 December 2005. Its successor, Windows Server 2008, was released on 4 February 2008. According to Microsoft, Windows Server 2003 is more scalable and delivers better performance than its predecessor, Windows 2000.
There is currently support for the 64-bit Intel Itanium processor in Windows Server 2003 Enterprise and Datacenter editions, supporting up to 64 Itanium CPUs in the later. Windows Server 2003 SP1 adds x64 support. Note: Source update under this version will be suffixed by "IA64", there is the difference from the usual Intel/AMD architecture of "x64" bit sources.
Note also that there are computers based on the 64-bit IBM Power chips that are used in the G5 Macintosh computers that are running the Windows NT kernel. These "Macs running Windows" are used for game development on the future generation Xbox that will use IBM Power CPUs.
(explain existing 64-bit CPUs- AMD, Intel, etc.)
This version of Microsoft Windows, released on January 2007, is the latest major upgrade for the Windows operating system.
Until the product name was revealed in July 2005, Windows Vista was known as 'Codename Longhorn'.
It includes major changes graphically. Translucency and other visual effects are highly used. Also, applications are now switching over to the .NET framework. (Add something more about core like Avalon, and GUI)
Windows Server 2008 SystemsEdit
With this introduction of Microsoft Windows Servers, released in October 2008, it contains the same code base as Vista (Windows6.0). Its significant change and added feature set are enabling the virtualization of Microsoft Windows Server Systems. The support from 32-bit Windows 2000, Windows 2003, 2003 R2 and Windows 2008 itself, plus the associated existing 64-bit version will expect to become the enabler of any enterprise system, large, medium or small to harness the use and simplicity of virtualized Windows systems (including some flavors of Linux) to meet everyday needs of computing.
A main design goal of Windows was hardware and software portability.
This chapter will explain how to install Windows. Since installation is fairly similar between versions- with important, and sometimes subtle, differences- we will example how to install Windows XP, Home Edition, and then review the differences for other versions. This chapter explains only the basics; once you're up and running, check out the Configuration chapter to personalize your system.
Make sure that whatever you are installing, that you have a copy of the files you need to be stored in a safe place, even if it's on a separate partition. You're generally better off wiping the partition with your old operating system so as to remove all the incompatible files, viruses, spyware and general clutter/temp files that all computers accrue over their lives.
Installing Windows XP, Home EditionEdit
Depends if you install from booting a CD or from running the setup program from another version of Windows. It's better to boot from the disk, this way you can alter your partitions before you install whereas otherwise, you may find yourself being forced to install it over an old copy.
Differences for Windows XP ProfessionalEdit
Adds greater networking and enterprise features. If you have a network, this is the version you need.
Differences for Windows MCE base-2004-2005Edit
Windows XP Media Center Edition is distinguished from other editions of Windows XP by an exclusive preinstalled application, Media Center, which provides a large-font ("10-foot"), remotely accessible interface for TV viewing on the computer as well as recording and playback, DVD playback, video playback, photo viewing, and music playback.
The Windows configuration was always meant to be user-friendly to office support and home, although some Windows Operating Systems and editions were meant to mean one thing or another.
(how to set the machine name, time, etc.; NOT networking)
Appearance and EnvironmentEdit
For Windows Classic, you will normally follow this step to change the appearance, wallpaper, resolution, etc.: In a desktop area (not on a window), right click. A menu will appear so you will click properties.
The workgroup is usually set up when the operating system is first installed. This choice can be edited from the network wizard later on. Once a computer has a network (basically before its first boot) it can trade files with other computers on that network.
(basic Workgroup and Domain configuration; NOT connection sharing, firewall stuff, etc.; that goes into Advanced Stuff)
(needs to be below networking because this should explain network printers; explain how to add a printer; how to change the default printer; how to change the printing defaults; when to choose PCL vs. PS when printer offers both; parallel vs. USB vs serial vs. network; explain FAX send can be a printing device, etc.)
Both Windows XP and Windows Vista include options for those with difficulty reading or using a computer(Color-blind etc). They are found under: Start->All Programs->Accessories->Accessibility.
(handicapped access; explain Magnifier, text-to-speech, voice recognition, etc., including a -brief- a discussion of third-party options)
By default, Microsoft Windows includes Outlook Express to allow access to electronic mail.
Note: for Windows Vista/7, there's Windows Mail instead of Outlook Express
A rather more secure e-mail program than Outlook Express and works almost exactly the same.
Further details: http://www.mozilla.org/products/thunderbird/
Windows comes with a variety of software including Paint(A basic image editing program), Notepad(A simple text editor) and in later versions: Word, Internet Explorer, Outlook Express or Windows Mail and so on. A great variety of freeware, shareware and commercial packages are available.
Most computers come pre-installed with an OS called Microsoft® Windows®. Most OS's and programs have the same features whether they use Windows or not, but all computers running Windows will have these features with these names. The thing we did in the last chapter with the box that comes up when you turn on your computer is called logging in. The screen you see after logging in is called the Desktop. Most things on a computer are named after things in real life, and they are usually used similarly too. Just like a real desktop the desktop on a computer is where you go to access all your data. However, a real desktop has a flat horizontal surface.
A screenshot of the entire monitor, complete with taskbar, can be copied to the system clipboard by pressing the Print screen key. Alternatively, pressing [Alt + Print screen will copy just the active window to the clipboard. One can then paste the clipboard into a program such as MS Paint or Paint.NET to save it as an image file (for posting online, for instance), or paste it directly into a document. If saving as an image file, it is best to use a format which uses lossless compression (e.g. PNG) or no compression (e.g. BMP). Use a format which supports 24-bit color if the screenshot contains many colors.
Some people say that the various "tweaks" one can apply to the system never improve the performance significantly, certainly not enough to justify the hours and hours that some people spend experimentally tweaking.
The problem is that the effects of many tweaks are a bit iffy. There are some programs that work and some tweaks that, while they have an effect, are not something that you are likely to notice. Generally the Internet Speed tweaks and XPLite programs are worth using. Beyond that though, don't bother. If things like the appearance settings and NTFS Last Access Stamp tweaks noticeably improve your speed then you would be better off running either Win98SE or Linux, conversely they all have some effect and removing unneeded features does help.
Some people say that many "tweaks" are well worth doing.
There are lots of things you can do to improve performance. Defragment the disk, turn off services you don't need - Google for a list - restart Firefox regularly (if you use it) since it's a memory hog...
Ways to increase performance include: defragmenting the hard disk, disabling unneeded visual effects, upgrading the amount of RAM in the computer, and using various utilities and programs available for download or purchase.
If the intent is simply to improve the speed at which the system runs, regardless of all other considerations, then the ultimate speed improvement is achieved by uninstalling Windows XP, and installing Windows 98SE or Windows ME instead, since those versions of Windows are only half the size of Windows XP, so they subjectively run twice as fast as XP on any given CPU.
Several programs work for almost all Windows versions.
X-setup Excellent commercial tweaking program for Win9x/ME and WinXP/Vista/7, comes well recommended.
DH TuneXP Free WinXP tweaker program, has useful tweaks.
SG TCP/IP Optimizer Use this for fast internet tweaking. cFos Homepage (English) Get the packet shaping software from here.
XpLite Very useful in removing parts of Windows 2000 and XP systems.
Nlite Fulfils the same function as XpLite but instead works on a Windows XP CD image, which is then transformed into a bootable CD. This program is freeware and more versatile than XpLite.
When using Windows 2000 and XP there is an option to retry your operating system allocates processing power to programs. this is governed by registry entry called Win32PrioritySeparation and the values for this are allocated as follows...
Start with zero and add numbers as follows
The ratio of foreground to background priority
3:1, add 2.
2:1, add 1.
1:1, add 0.
Length of the quanta
Variable lengths: add 4.
Fixed lengths: add 8.
The intervals between switching quanta.
Shorter: add 32.
Longer: add 16.
By default it is set to "2" which is equal to "38", setting it to background processes sets it to "24". Note that this value is in decimal. Personally, I use a value of "36" for the best all-around benefit. This value allows all programs to work seamlessly even at 100% processor usage; mind you this is on a P4 so your mileage may vary.
Generally optimizing an Internet connection involves tweaking the MTU (maximum transmission unit)and the receive window. The MTU controls how much data is in every download packet, larger settings improve efficiency by reducing overhead and require fewer acknowledgement packets. The receive window sets how much data is to be received before needing to send an acknowledgement packet, this setting does not need to be a multiple of the MTU and should be as large as reasonably possible.
It would also be worth the time to set up a packet scheduler. Generally doing heavy uploading and downloading at the same time would slow down your connection, with a packet scheduler this is less of an issue. Additionally, some packet schedulers like cFosSpeed allow for prioritizing specific programs like games over more bandwidth intensive but less interactive applications like FTP clients.
Trimming the OSEdit
Litepc creates software to trim operating systems. Removing unused parts of the OS is beneficial in several ways. It reduces the amount of disk space that the OS takes up, removes possible security issues and results in less of a RAM hit. XPLite allows for a currently installed operating system to be altered while NLite (as previously mentioned) does the same to a CD image. XPLite leaves corrupted registry entries and is less versatile than Nlite.
On a final note it is important to know what any changes actually do, besides "provides speed boost" and how they affect your computer. I have had many incidents where the accusation of "tweaks" served to slow the computer down. Don't rely on being able to undo them with the program.
The consumer edition of Windows. Used with consumer electronics. Most notably used with the revolutionary Sega Dreamcast video game console. Windows CE is also used on many Pocket PCs and Smart Phones. The newest ist Windows CE 6.0, released in 2007.
Windows XP / 2000 / Server 2003Edit
Beforehand it should be noted that 2000 is often acknowledged to provide better performance with real-world use (Several programs running at the same time). It lacks some of the features of XP including the themes but is essentially the same and uses the same drivers.
There are some tweaks that do not require specialized software.
Disabling features will reduce the overhead on any action and some users can notice significant performance benefits from deselecting everything. Font smoothing, especially if using ClearType, will depend heavily on the graphics card, disabling it may have a significant effect.
There are plenty of recommendations on this, the one that makes the most sense is to set the minimum to cover normal system use like 256 or 512 MB which will not require it to change in size while in general use but to set the maximum much higher to cover contingencies. The default will work fine in most cases, note that setting the minimum higher will result in paging file fragmentation, which is very hard to fix and if succeeded, will give a speed hit. An average user might be able to download and use PageDefrag (from Microsoft TechNet website under Sysinternals) to defragment paging file on Windows NT 4.0, Windows 2000, Windows XP, and Server 2003.
This represents the cluster size on a partition, generally bigger means less fragmentation as files expand and slightly higher disk speed as less data is spent on overhead, conversely it wastes space as each file takes up a minimum of one cluster. The default seems to do fine. Altering the cluster size on the partition with the Master Boot Record may cause problems. Also, the default cluster size (4KB on NTFS / Windows XP) allows the computer to transfer data without using extra buffering.
Services.msc / MsconfigEdit
Really there is no reason why anyone should bother with this section. Unless disabling security flaws removing services causes no end of interesting errors and will free up around 7-12MB.
One benefit to using services.msc to msconfig is that services can be set to manual. However most services will not properly startup, I recommend to use Run>msconfig after identifying what services are necessary to disable them, they can also be restored to Windows default by clicking select all.
Services that are critical or that are needed and may not start otherwise should be set to Automatic while the other Automatic services should be set to Manual. This will theoretically cause them to only start when needed (again, it should be noted that this is almost never true). Note that some services are set to disable by default on Windows Server 2003, these are Windows XP features that are generally not needed by a server, if they are required they must first be enabled at services.msc.
Hardware>Hard Disk This must be enabled on Windows 2000 as it is disabled by default. If your system is capable of UDMA/66, enable it, if the system is not capable then rebooting will untick the box.
System>File system>Windows Prefetching
Windows prefetcher will monitor an application's startup sequence and Windows boot. After three application startups or three Windows boot ups, it creates a .PF file in the Windows Prefetch folder for the application or the associated boot item. This file is referenced anytime the application is launched but only when it is launched and NOT before. Windows uses the information in the applications.PF file to optimally load the necessary files associated with the application loading into memory. Such as DLL A before B etc... Windows also use this file when the defragmenter is run to layout all necessary files that the application uses to startup in sequence on the hard drive to further improve application load time. The same things happen during boot up but only in relation to files used for the boot process. Applications that are not loaded on startup are NOT precached or preloaded into Memory during boot. They are not precached at any time. This is NOT a cache and the .PF files should NOT be deleted or "cleaned". Manually deleting .PF Files does nothing but force Windows to recreate the .PF file if it is missing the next time the associated application is launched. This is a waste of time. Simply leave the .PF files and the Prefetch folder alone. Windows will automatically clean it as necessary in relation to uninstalled applications. Prefetching is NOT Caching, it is a new feature of Windows that improves application load and boot time performance automatically.
System>File system>Windows NT/2K/XP Options>Windows File System Options
These are generally useless features, note that disabling the last access timestamp can cause windows cleanup to have interesting ideas on what is useless data. Disabling the creation of short file names may cause issues in some programs as well as pretty much all programs are written for dos. Conversely, you are unlikely to use those programs and it will help when dealing with folders that have many files that start the same.
Unloading .dll files instantly can cause system instability, conversely, extra ram is always a good thing. Instability will only occur in very rare circumstances however if you start the same programs over and over this could be beneficial. This depends on how much ram you have thought of leaving it as it is may be the best choice.
Disabling paging will force the computer to keep more of the system in RAM. This will also prevent the computer from entering sleep mode. Windows will NEVER page the core kernel & drivers (that would cause a crash), however, it is willing to page a part of its systems. This setting causes more of the system to not be paged, probably won't help your game speed but if you run RAM heavy programs it will prove beneficial. The theory is that the programs will page but not the Windows core which should do less of a performance hit.
Just one setting, may improve performance, may do nothing.
Set the bottom box to "Balance"
It would be a good idea to stop Cacheman starting with Windows which you can do from the Options bar; it's worth noting here that "RAM Recovery" is generally agreed to be completely worthless, don't use it.
Optimize Xp Wonderful site, also includes links to tweaking myths.
Microsoft was trying to enter the PDA market years before the release of the first Windows-powered handhelds. First development initiatives happened as early as 1990. When Apple's Newton MessagePad emerged, Microsoft decided to begin development of the new OS.
The WinPad project would be a revolution in the user interface design. With the touch screen and handwriting recognition support, the project promised brand-new user experience. However, the mobile devices' hardware was not ready for such an operating system at that moment. The main fault of the developers was possibly the attempt to use portions of the existing kernel modules' code. The project was closed in 1994.
At the same time, Microsoft worked on the Pulsar project. The concept of a multi-purpose wire- and keyboardless device featuring unique architecture was too pathbreaking, and Microsoft discarded this idea as well.
(to be continued...)
(...and PocketPC... and Handheld PC... and so on... make some sense of this mess for the reader! this of all things is clear as MUD even to developers!)
And on 9th March 2006, MS has unveiled their UMPC.
Windows XP EmbeddedEdit
Microsoft® Windows® XP Embedded is a componentized version of the Microsoft® Windows® XP Professional operating system that brings the rich feature set of Windows XP Professional to embedded devices. However, there are some differences between Windows XP Professional and Windows XP Embedded. The major difference is that Windows XP Embedded is engineered specifically to support embedded devices and their manufacturers. This document describes Windows XP Embedded solutions for common embedded scenarios and describes Windows XP Professional features that Windows XP Embedded does not include.
Microsoft's Development CycleEdit
SDL Practice #1:
Core Security Training
Software security training is a prerequisite for implementing the SDL, and individuals in technical roles (developers, testers, and program managers) who are directly involved with the development of software programs must attend at least one unique security training class each year.
Why should I follow this practice? Understanding software security problems is a foundational part of building better software. By allowing individuals involved with the development of software programs to stay informed about security basics and latest trends in security and privacy, you’ll increase their commitment to writing more secure software. For more information, read the Essential Software Security Training for the Microsoft SDL whitepaper.
When should I employ this practice? Basic software security training should cover foundational concepts such as:
■Secure design, including attack surface reduction, defence in depth, the principle of least privilege, secure defaults
■Threat modelling, including an overview of threat modelling, design implications of a threat model, coding constraints based on a threat model
■Secure coding, including buffer overruns (for applications using C and C++), integer arithmetic errors (for applications using C and C++), cross-site scripting (for managed code and web applications), SQL injection (for managed code and web applications), and weak cryptography
■Security testing, including: differences between security testing and functional testing, risk assessment, security testing methods
Privacy, including types of privacy-sensitive data, privacy design best practices, risk assessment, privacy development best practices, and privacy testing best practices
Training resources by SDL phase Training Phase: Introduction to Microsoft Security Development Lifecycle (SDL) Requirements Phase: Privacy in Software Development Design Phase: Basics of Secure Design, Development and Test Introduction to Microsoft SDL Threat Modeling SDL Quick Security References – Cross-Site Scripting, Exposure of Sensitive Information, SQL Injection SDL Developer Starter Kit – Secure Design, Threat Modeling, and Threat Modeling Tool Principles Implementation Phase: Basics of Secure Design, Development and Test SDL Quick Security References – Cross-Site Scripting, Exposure of Sensitive Information, SQL Injection SDL Developer Starter Kit – Secure Implementation Principles, Banned APIs, Code Analysis, Source Annotation Code Language, SQL Injection, Compiler Defenses, Buffer Overflows, and Cross-Site Scripting Verification Phase: Basics of Secure Design, Development and Test SDL Quick Security References – Cross-Site Scripting, Exposure of Sensitive Information, SQL Injection SDL Developer Starter Kit – Secure Verification Principles, Fuzz Testing, Code Review, SQL Injection, Compiler Defenses, Buffer Overflows, and Cross-Site Scripting
The Windows Version LifecycleEdit
When a version is released, it is soon discovered that there are thousands of bugs (errors) and miscellaneous problems, especially security issues. This leads to a large stream of patches being released which sometimes get condensed into a service pack. As the program ages and newer systems are released the support will be discontinued so as to force users to upgrade.
More info here: http://www.microsoft.com/windows/lifecycle/default.mspx
(explain how a Windows version is serviced- Service Packs, Windows Update, etc- and finally obsoleted; explain how support options change and eventually evaporate)
See Wikipedia article Windows 7.
Appendix: Key combinationsEdit
Ctrl+Alt+Delete - performs a soft reset
Left arrow, right arrow - Move cursor backwards or forward one character
Ctrl + left arrow, right arrow - Move cursor backwards or forward one word
Home, End - Move cursor to start or end of line
Up, down arrow - Scroll up and down stored (command) buffer
Page up, down - Places oldest or most recent (command) in a command line
Insert - Toggle between the insert and over-type modes. (square cursor denotes over-type mode)
Esc - Delete current line
F1 - Repeat text typed in preceding line character by character
F3 - Repeat text typed in preceding line (complete)
F5 - Cycle through entire current (command) buffer
F7 - Display all entries in current (command) buffer with line numbers
Alt+F7 - Delete all entries in current (command) buffer
F8 - As F5, If preceded by entry of character string, will load the latest buffer line with corresponding characters (from the start of buffer entry line)
F9+Buffer line number - Displays relevant buffer line; normally F7 first to show lines with numbers
Ctrl+C - Close down most applications and return to prompt
Windows Default CommandsEdit
- ALT+F4 closes the active program
- Win+M Minimizes most programs
- CTRL+ALT+DELETE presented shutdown options
- CTRL+C - Copies the selected text or images
- CTRL+X - Cuts the selected text or images
- CTRL+V - Pastes the previously copied or cut material
On Windows XP and later, CTRL+ALT+DELETE starts Windows Task Manager, which you are able to force programs to close, see CPU activity, and even manage user CPU status.