Twenty Years of Windows

May 22, 2010

It was twenty years ago today that Microsoft launched Windows 3.0, the first commercially successful version of Windows, and the beginning of Microsoft’s growth to eventually dominate the PC industry.  Windows 3.0 was still essentially a GUI front-end that ran on top of MS-DOS.  It had some ability to make use of the expanded memory management facilities available in the Intel 80286 and 80386 processors, but these tended to be a bit clunky, and definitely confusing to users.  (Microsoft had also attempted to introduce a version of Windows, Windows/386, that could take advantage of the 80386’s support of real virtual memory, but it was in my experience horrendously buggy and unstable.)

Windows 3.0 was the beginning of a long series of Windows releases that ran on top of MS-DOS, including Windows 95, Windows 98, and Windows ME.   Windows NT, which was for many years developed in parallel, was in contrast a totally new operating system, and did not make use of MS-DOS; it was the progenitor of the current Windows series, including Windows 2000, Windows XP, Windows Vista (shudder), and Windows 7.

One of the most significant strategic decisions Microsoft made was to develop Windows to run on the IBM PC and the many “clones” of that original machine, in contrast to Apple, which developed both hardware and OS software together.  This meant that Apple machines have always been, at one level, more elegant and stylish than Windows machines.  As Neal Stephenson put it in his extended essay, In the Beginning Was the Command Line,

Apple therefore had a monopoly on hardware that could run MacOS, whereas Windows-compatible hardware came out of a free market. The free market seems to have decided that people will not pay for cool-looking computers; PC hardware makers who hire designers to make their stuff look distinctive get their clocks cleaned by Taiwanese clone makers punching out boxes that look as if they belong on cinderblocks in front of someone’s trailer.

One of the reasons Windows became so successful was that it would run on checap, commodity hardware.  Windows 3.0 also marked the beginning of Microsoft’s push to have Windows pre-installed on new PCs by the manufacturers, a strategy that has been very successful for them.

Ironically, though, it was largely because of the cheap, ubiquitous PC hardware made to run Windows that the development of Linux, the open-source operating system, was possible.  As Stephenson also points out, it is not too hard to start distributing free software, especially in the age of the Internet.  Arranging for cheap computer hardware is a lot harder.

Credit for Linux generally goes to its human namesake, one Linus Torvalds, a Finn who got the whole thing rolling in 1991 when he used some of the GNU tools to write the beginnings of a Unix kernel that could run on PC-compatible hardware.

Really the only way to make hardware cheap is to punch out an incredible number of copies of it, so that the unit cost eventually drops. For reasons already explained, Apple had no desire to see the cost of hardware drop. The only reason Torvalds had cheap hardware was Microsoft.

At the time that Windows 3.0 was released, I can remember being quite excited about the prospects for the new system, and it certainly played an important role in making the personal computer the commonplace tool it is today.  I can’t help but think, though, that Microsoft has gotten a little too tied to the original PC idea of one user ≡ one computer.  It will be interesting to see if the company can adapt to the ongoing evolution of computing.

Low-grade Encryption

May 22, 2010

There are many software products — among them spreadsheets, word processors, data bases, and so on — that promise to encrypt your data.  Historically, many of these have used encryption schemes so feeble as to be essentially worthless against any determined attacker; they might keep your nosy kid brother out, but not much more.  (As I have noted before, you should be deeply suspicious of any encryption scheme for which the algorithm is not disclosed.)

Now Christopher Kois, a blogger, has posted details of another lousy encryption technique, used by Microsoft’s Dynamics GP business accounting software.  (Microsoft Dynamics is a range of business accounting and management information software; the GP product, intended for mid-size businesses¸ was originally developed by Great Plains Software, which was acquired by Microsoft in early 2001.)   The GP system offers the possibility of encrypting certain data elements; however, what Mr Kois has discovered is that these data are encrypted using a simple mono-alphabetic substitution cipher, providing a very low level of protection.  The original Great Plains product was developed to use CTREE and Pervasive SQL to store its database.  After the acquisition, Microsoft ported the software to run on its SQL Server.  SQL Server does provide data access controls on a per-user basis; perhaps that gave the GP developers the idea that the encryption did not matter.

(A mono-alphabetic substitution cipher is one of the simplest encryption methods possible.  Essentially, it replaces the symbol ordinarily used for each letter with a different one.  For example, we might assign each of the 26 letters of the English alphabet a Greek letter to represent it.  We might have A=θ, B=λ, C=ρ, and so on, adding £ and ∞ to supplement the 24 Greek letters.  The important thing to note is that only the representation of the data has been changed.  This kind of cipher is generally easy to cryptanalyze and break, because it preserves all the statistical characteristics of the original language: for example, the relative frequencies of letters and digraphs.)

Regardless of the reason that it exists, having this kind of pseudo-security facility is a Very Bad Idea.  It has the potential of giving unsuspecting users a false sense of security, without providing any meaningful protection for sensitive information.

%d bloggers like this: