A Quick Take on Windows Security Evolution

A while back I wondered how software developers’ concerns about security evolved over time. Obviously, studying under-the-hood changes would be a major research undertaking—and frankly beyond my interest. But mightn’t there be a feasible shortcut, a sort of poor man’s time-series analysis of security concerns? Behind this question was my speculation that the tightening user-controlled security con guration options and default settings in operating systems indicate areas of critical concern to OS developers. I therefore decided to test that hypothesis on some Windows OSs—XP, Vista, 7, and 8—that roughly coincide with the time frame of interest to me. In the Windows world, robustness really started with the NT kernel. Before that, Windows was little more than a shell in front of DOS. NT had its own hardware abstraction layer for several platforms, a worthy TCP/IP stack, full preemptive multitasking, a native logging system, its own secure native le system (NTFS), a native Windows API, support for 32and 64-bit architectures, symmetrical multiprocessor support, and so forth. With the introduction of NT in 1993, Windows was beginning to look like a real OS. NT was the existential moment for Microsoft OS development. While NT proved that Microsoft could build something approaching a real OS, it was XP, introduced in 2001, that added sophistication to the NT platform. The graphical user interface was intuitive and versatile, the NT kernel was sound, and the networking and multimedia support was beginning to mature. The rest, as they say, is history. XP went on to sell over a billion copies while it was still supported by Microsoft until 2014, and remains the fourth most popular Windows OS to this day, just slightly behind 8.1 (gs.statcounter.com /os-version-market-share/windows/desktop/worldwide). So it’s with XP that I began my analysis of changes in Windows OS con guration options and default settings as a possible indicator of Microsoft’s security concerns. My operative principle was that adding a new con guration A Quick Take on Windows Security Evolution