The Active Network
ActiveWin: Editorials Active NetworkFlink Ink | Reviews | FAQ | Mailing List | Forums


Dropping Legacy Drivers from Win98ME

March 28th, 2000 - Chuck Flink

If it's true, I've got to commend Microsoft for a very smart move. Preliminary indications are that Windows 98 Millennium Edition will ship with some (most?) of the legacy drivers removed. They will presumably be available, as they have always been, from the manufacturers of the legacy devices involved. The point is, Microsoft has found a way to distance themselves from their flawed past without sullying the reputation of Windows 2000. Instead, they'll deliver a Win98ME as the sacrificial goat to take all the blame for the incompatibilities inherent in moving to a healthy OS model replacing the real-mode kluges of the past.

I suspect this goes along with the proposal to 'open' at least some of the Windows 98 source code to competitors as part of the settlement of the DoJ case. Simply put, Windows 98 is clearly on the way out. If competitors want to play in the trash heap, welcome to it. Win98ME will be the final edition (finally) base upon the inferior architecture inherited from the earliest version of Windows. This is a move that anyone interested in Computer Security (and Computer Science) should cheer!

Windows 2.x had no "supervisory mode". There simply was no protection mechanism separating applications from DOS and Windows. It was a very crude windows manager grafted onto DOS, which itself was little more than a program loader, very primitive OS at best. Now, I do not mean to dismiss DOS! It was the appropriate technology for it's time and clearly allowed many an entrepreneur to 'add value' to the PC. This was the key characteristic of the PC that fueled the PC revolution. This is why we're all running IBM compatible with very little software or hardware originated with IBM! It was a key part of giving birth to PC side of the Open Systems revolution.

Windows 3.x added the use of "supervisory mode", but it was NOT used to implement a security domain in the sense of real operating systems like UNIX, VMS, and anything on a mainframe. It was used only to provide a memory management scheme that broke out of the very tight limitations of the 8086 and 80286 "real-mode". Yes, we gained some memory protection and programs less often stepped on each other, but the primary objective was to make memory available, not protect it. It was still possible for any program to deliberately (and frequently accidentally) touch any part of the memory belonging to some other program, not to mention touching any part of the raw disk.

The point is this: The very legacy that fueled the PC revolution, 3rd party access to supervisory mode and and the very 'guts' of the PC hardware and firmware is incompatible with the development of a truly reliable OS, let alone a trustworthy one.

The ability of Microsoft to field a truly reliable OS, and potentially a trustworthy one, begins with the development of a true protected-mode OS. This was and is the primary reason for the development of Windows NT. Unfortunately, backward compatibility and performance tweaking by cheating on the architecture continually put off the burial of the Windows 3.x heritage, leading to Windows 95, Windows 98, Windows 98SE and all the Windows Update patches in between and since.

We thought the release of Windows 2000 would be the break point between this cruddy past and the stable and secure potential offered by NT. Unfortunately or fortunately, depending upon your point of view, games play faster and drivers can be hacked together faster, and flaws can be patched faster when one avoids the strict requirements of a true protection mechanism, i.e. a serious OS.

So Windows 2000 was released as a professional and server platform for business, small to big, and the homeowner was left with Windows 98SE as the recommended solution by compatibility with old hardware and cheap games. We all know that eventually some pain will come, that some price will have to be paid because we simply can't keep backward compatibility with hardware drivers, games and applications that cheat against the very protection mechanisms needed for security and reliability.

Microsoft seems to have come up with the solution: Windows 98ME will either be a Windows 98 kernel stripped of the very backward compatibility that causes Windows 2000 heartburn, or it's a stripped down Windows 2000 kernel hiding under the name Windows 98. Either way, Windows 98ME will be sacrificed on the pyre of backward compatibility, suffering all the pain and shame for the sins of the past Windows architects and game and device-driver programmers. This sinfulness, in the form of previous short-sighted cheating to squeeze price and performance advantages on the market, guaranteed that there would be hell to pay in the future. Let the sacrificial lamb be called Windows 98 Millennium Edition, so a that a new era can be born!

Long live Windows 2000! Long live UNIX, Linux, etc! Long live real kernel architectures! And good riding's to the half-baked, kluge of an architecture that was Windows N.N and Windows 95/98! Windows 98ME will be the transition system, probably a short-lived one!

Copyright 2000 Information Security Analysis LLC. All Rights Reserved.

Return To The Flink Ink Section


  *   *