Linked by David Adams on Tue 26th Jul 2005 15:09 UTC, submitted by Varg Vikernes
Windows
Dave Solomon of Sysinternals was experimenting to find out how many services are necessary for at least basic functionality of Windows. What he discovered, however, is that Windows is perfectly usable for almost all basic tasks, such as web browsing or running applications, without any services running. In his article he explains how to achieve this. Apparently even Microsoft's own vice president of the Core Operating Systems Division was surprised by this.
Microsoft should have a team that does this.
by Jody on Tue 26th Jul 2005 15:32 UTC
Jody
Member since:
2005-06-30

If Microsoft wanted, they could ship a copy of XP with almost no services running that would probably run on a 486, but they chose not to because they would be creating a longer upgrade cycle and negatively impacting their own sales. This could also be the answer to defeating Linux but Microsoft is intentionally holding back for that reason.

Linux (desktop) does not have this same hardware agenda but most mainstream Linux distros are every bit as bloated (or more so) out of the box as Windows XP.

Placing any new services in startup should require a federal license if you ask me.

Reply Score: 1

I'm surprised as well
by Ronald Vos on Tue 26th Jul 2005 15:51 UTC
Ronald Vos
Member since:
2005-07-06

I'm a service-tweaker myself, being a 'long-time' user of Blackviper's Service Tweaking tips (now no longer online, but mirrored by dozens of tweak-sites, often without acknowledgements).

He described which services could be safely turned off, which could be safely turned off in case you didn't need certain functionality (like wireless networking, networking in general, printing, etc.) and which services were absolutely necessary. This greatly helped me to tweak my system.

If you wanted barebones, only 6 services were absolutely necessary to function. See it here:
http://web.archive.org/web/20041128084144/www.blackviper.com/WinXP/...

So this is..an interesting article.

Reply Score: 1

sack him
by Anonymous on Tue 26th Jul 2005 16:09 UTC
Anonymous
Member since:
---

Why is he head of core OS division if he doesn't even know his own OS? I know plenty of people who could do a better job.

Reply Score: 0

Anonymous
Member since:
---

Many of the tools needed to run Windows properly don't come from Microsoft -- or Symantec for that matter. They come from Sysinternals and a very short list of companies and individuals who know what is really needed to make use of an OS that is obfuscated in the name of simplicity.

Sysinternals is one of the reasons why admins everywhere have a fighting chance to use Windows in a serious way as opposed to the marketer-driven, unstable and unsecure, way that it is shipped.

Thank you Dave Solomon!

Reply Score: 2

ma_d Member since:
2005-06-29

Seconded.

Reply Score: 1

netstat
by Anonymous on Tue 26th Jul 2005 16:28 UTC
Anonymous
Member since:
---

Would have liked to see a "netstat -anp" to see what's still listening. Ideal, and trivial to achieve, is an "all ports closed" message from a scanner like nmap.

Reply Score: 0

RE: netstat
by Night on Tue 26th Jul 2005 23:45 UTC in reply to "netstat"
Night Member since:
2005-07-07

XP added -o to netstat, which displays the parent process IDs for each socket. SP2 went a step farther, adding -b to display the executable name, and -v to display the components involved.

Reply Score: 1

v Corny
by Anonymous on Tue 26th Jul 2005 16:33 UTC
RE: Corny
by Anonymous on Tue 26th Jul 2005 16:48 UTC in reply to "Corny"
Anonymous Member since:
---

> I find it amusing that these guys made it so difficult
> to achieve

They made it so difficult because
1. most services ARE essential. RTFA - they could not even log off after shutting down all services, nor would the task bar display any windows.
2. shutting down these services is "outside the specification". You cannot *expect* anything to work in this state, and they made it difficult to prevent people from abusing any effects they observe in this state.

> Mac OS X works right out of the box as a great client
> system with ZERO services running by default. Why
> does Windows need anything running at all?

So OSX does not have a kernel nor processes running after startup? Or do you think the microkernel-ish idea of moving functionality out of the kernel and into separate services is bad (and if so, then why)?

Reply Score: 3

RE[2]: Corny
by Anonymous on Tue 26th Jul 2005 17:14 UTC in reply to "RE: Corny"
Anonymous Member since:
---

> They made it so difficult because
> 1. most services ARE essential. RTFA - they could not even log off after shutting down all services, nor would the task bar display any windows.

Essential by design under Windows. Other operating systems don't have that limitation and thus can start with no services and still be quite functional.

> 2. shutting down these services is "outside the specification". You cannot *expect* anything to work in this state, and they made it difficult to prevent people from abusing any effects they observe in this state.

This only emphasises that MS has made some questionable design decisions...after all no other OS seems to have this design and the associated limitations.

> So OSX does not have a kernel nor processes running after startup? Or do you think the microkernel-ish idea of moving functionality out of the kernel and into separate services is bad (and if so, then why)?

Microkernel has nothing to do with it. The same applies to monolithic kernel operating systems.

Having services local and network accessible as appropriate and only spawned as needed is a good idea. That's why you may hear about unix/Unix being secure -- it uses things like init (and improvements to init) to lessen the impact of running an arbitrary service. Windows has svchost, though it's not as aggressive as init/xinit and others.

The fewer things that are running, the lower the complexity. The lower the complexity, the more likely that defects or odd interactions will not impact the system. Require that everyone runs 48 services and not only do you lose these benefits but you introduce the chance that attack vectors are plentiful and easily exploited -- something that should sound familiar.

Reply Score: 2

re:I'm surprised as well
by Anonymous on Tue 26th Jul 2005 16:36 UTC
Anonymous
Member since:
---

Didn't need Blackviper's site in order to screw my system by experiment a long time ago :-) I wonder though who runs in bare bones mode from day to day (must be a masochist). Disabling RPC resulted in an awfully long login time.

Reply Score: 0

re:Corny
by Anonymous on Tue 26th Jul 2005 16:40 UTC
Anonymous
Member since:
---

Gentoo also has only the services running you specifically choose to run. I think it is rather more important that the services which can be reached over the net are shut down as much as possible.

Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-07-26 16:38 UTC
All 1663 scanned ports on localhost (127.0.0.1) are: closed

Nmap finished: 1 IP address (1 host up) scanned in 0.333 seconds

Reply Score: 0

re:netstat
by Anonymous on Tue 26th Jul 2005 16:51 UTC
Anonymous
Member since:
---

Or "netstat -tap | grep LISTEN" which produces absolutely no service listening.

Reply Score: 0

RE[2]: netstat
by Night on Tue 26th Jul 2005 23:47 UTC in reply to "re:netstat"
Night Member since:
2005-07-07

> Or "netstat -tap | grep LISTEN" which produces absolutely no service listening.

netstat -oap tcp | findstr LISTEN

Windows netstat has no -t option.

Reply Score: 1
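
The listener check discussed in the netstat replies above, as an added example that is not part of any poster's comment: it parses saved `netstat -ano -p tcp` output and groups listening ports by owning PID, separating loopback-only binds from network-reachable ones. The sample output, PIDs and addresses are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of Windows `netstat -ano -p tcp` output (not from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       952
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:1027         0.0.0.0:0              LISTENING       1840
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:1051      203.0.113.7:80         ESTABLISHED     2304
"""


def parse_listeners(text):
    """Return (address, port, pid) for every TCP socket in LISTENING state."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        # Data rows have exactly: Proto, Local, Foreign, State, PID.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        # rpartition keeps IPv6 literals such as [::]:135 intact.
        host, _, port = fields[1].rpartition(":")
        listeners.append((host.strip("[]"), int(port), int(fields[4])))
    return listeners


def exposure_by_pid(listeners):
    """Group ports by owning PID into loopback-only and network-reachable."""
    report = defaultdict(lambda: {"reachable": [], "loopback": []})
    for host, port, pid in listeners:
        loopback = ipaddress.ip_address(host).is_loopback
        report[pid]["loopback" if loopback else "reachable"].append(port)
    return dict(report)


if __name__ == "__main__":
    for pid, ports in sorted(exposure_by_pid(parse_listeners(SAMPLE)).items()):
        print(f"PID {pid}: reachable={ports['reachable']} loopback={ports['loopback']}")
```

An empty result from `parse_listeners` corresponds to the "no service listening" state the posters describe; any PID with a non-empty `reachable` list is what remains exposed to the network.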

Windows Kernel vs User mode
by CuriosityKills on Tue 26th Jul 2005 16:58 UTC
CuriosityKills
Member since:
2005-07-10

Really, this made my belief true. I have worked extensively in windows user mode and kernel mode. I always felt that windows kernel is quite clean with everything well defined. Dave Cutler (aka VMS fame) has indeed designed a good kernel with NT series.

But jokers at MS with their user mode crap and always trying to make things easier (or DUMB) for users have crippled it. I mean look at the dependencies and polling, frankly did they really have to make it so complex and make so many services running? I personally think they didn't think much working under hard deadlines of Microsoft and made poo. Last I heard, in Longhorn they are correcting many of these things.

Reply Score: 2

v What a joke
by Anonymous on Tue 26th Jul 2005 17:15 UTC
v RE: What a joke
by Anonymous on Tue 26th Jul 2005 17:27 UTC in reply to "What a joke"
NT development and process tables
by Anonymous on Tue 26th Jul 2005 17:36 UTC
Anonymous
Member since:
---

> Dave Cutler (aka VMS fame) has indeed designed a good kernel with NT series.

Wasn't he also the one who wrote the kernel such that after starting up four processes, it overwrote existing ones in the process table?

Reply Score: 0

Hugo Member since:
2005-07-06

"Wasn't he also the one who wrote the kernel such that after starting up four processes, it overwrote existing ones in the process table?"

how the hell would that ever work?

Reply Score: 1

v The fastest OS
by Tanner on Tue 26th Jul 2005 17:42 UTC
Why do services have to continually run?
by Anonymous on Tue 26th Jul 2005 17:45 UTC
Anonymous
Member since:
---

I never understood why some services always have to be running and some can just run and stop. For instance why should print spooler run even when I'm not printing, why can't it start itself when I'm printing and then turn itself off?

Windows Update is the worst for requiring useless services. On XP it needs Automatic Updates, BITS, and Cryptographic to work. Other than performing updates I usually have these 3 services turned off.

Reply Score: 1

...
by helf on Tue 26th Jul 2005 18:39 UTC
helf
Member since:
2005-07-06

hardly news.. ;) I've been doing this for years on my boxes.. between manually editing things in the registry, disabling all the services cept the few you might need for something, using nlite and xplite plus a few other apps.. xp can run nicely ;)

xp will run fine on a fast 486 with enough ram. It can run usably on a p133/32mb (its using 19mb on that system right now...)...

I'm surprised more people don't know about this kind of stuff...

Reply Score: 1

RE: ...
by rugbuzpafnuti on Tue 26th Jul 2005 19:20 UTC in reply to "..."
rugbuzpafnuti Member since:
2005-07-07

>xp will run fine on a fast 486 with enough ram

While the rest of your statements is true, this must be crap that you never tested yourself, right?

XP will not install on anything less than a Pentium-1.

For further "windows on extremely crappy hardware" tests, see: http://www.winhistory.de/more/386/xpmini.htm [in German, but you get the idea: it is possible to run XP on a 20Mhz P1 with 32 MB RAM - way below Microsoft's stated minimum hardware requirements]

Reply Score: 1

RE[2]: ...
by Anonymous on Tue 26th Jul 2005 21:42 UTC in reply to "RE: ..."
Anonymous Member since:
---

hmm.. oh well, I read several places that people had it running on a 486.. it has an option in the setup for some form of 486..

anyways, 25mhz is pretty cool :]

slowest I've ever had it on pentium wise is 60mhz...

Reply Score: 0

btw
by helf on Tue 26th Jul 2005 18:42 UTC
helf
Member since:
2005-07-06

I haven't read the article yet but the only services I "need" to run properly are RPC and dhcp (because I'm too lazy to set up everything manually ;)

2 services. If you kill RPC a BUNCH of stuff breaks.. I have it off on a tower that I don't need sound and such on.. using blackbox as windowmanager since explorer is more or less dead ;)

Reply Score: 1

Anonymous (IP: 67.94.106.---)
by Anonymous on Wed 27th Jul 2005 05:22 UTC
Anonymous
Member since:
---

> Essential by design under Windows. Other operating systems don't have that limitation and thus can start with no services and still be quite functional.

It depends on your definition of "service" and in what context the term is being used.

Maybe someone needs to define just what a service is in Windows NT. It's nothing special beyond an application that can respond to messages from the service control manager. Besides having to follow certain security policies that are different than an admin while running in the SYSTEM security account, that's the only difference. It's a regular executable application otherwise.

> This only emphasises that MS has made some questionable design decisions...after all no other OS seems to have this design and the associated limitations.

OS X has a login process and like the xp login process it runs at all times. Kill it and fast user switching etc. is gone just like on XP.

The Dock on OS X is a process, just like the taskbar is a part of explorer.exe on windows.

I do not know many people who would consider OS X usable without the Dock. It's listed as a core service of OS X.

Yes, other Operating Systems do have this design (all of them in fact, as every software application or 'service' has some kind of runtime requirement or dependency) and most people consider it to be a limitation when they cannot do basic things like navigate the UI of their computer as advertised once they disable all the 'services' on the machine.

> Having services local and network accessible as appropriate and only spawned as needed is a good idea.

Agreed and it can be done on a windows system but historically has not been done by default as shipped from MS.

> The fewer things that are running, the lower the complexity. The lower the complexity, the more likely that defects or odd interactions will not impact the system.

Agreed.

Reply Score: 0