Going Deep Inside Vista's Kernel Architecture

bariswheel wrote to mention an episode of 'Going Deep' on Channel 9 which takes a hard look at the architecture of Windows Vista. From the post: "Rob Short is the corporate vice president in charge of the team that architects the foundation of Windows Vista. This is a fascinating conversation with the kernel architecture team. It's our Christmas present to all of the Niners out there who've stuck with us day after day. This is a very candid interview." Topics discussed include the history of the Windows Registry, and the security/reliability of Microsoft's upcoming operating system.

For those of us without speakers...

[the unbeliever]

Can someone post a transcript please?

Is that a word?

[slavemowgli]

[...] the corporate vice president in charge of the team that architects the foundation of Windows Vista.

"architects"? Is that even a word?

Please, kill the registry...

[Anonymous Coward]

...good old ini files are much more easy to use (i.e. copy around, fiddle and the like)

Re:Fix whats there!

[a_greer2005]

Hate to reply to self but: heres the rest of my thought that I forgot:

If you already paid for WinXP, why the hell should you have to pay AGAIN for the "security" that was supposed to be there...and in 2k, NT4, yadda yadda yadda?

Re:Please, kill the registry...

[dc29A]

...good old ini files are much more easy to use (i.e. copy around, fiddle and the like)

That will also make applications easier to port. Something Microsoft doesn't want. Registry is a good lock-in tool for Microsoft.

Re:Fix whats there!

[jjohnson]

Businesses would never accept this kind of qualty from, for example, partners, suppliers, and so on...

Businesses in all markets accept this kind of quality from their suppliers and partners all the time. They don't like it, they scream about it, they change relationships because of it, but don't think that problems of the same scale don't constantly occur in businesses generally. I say this as someone who spent five years in plastic housewares manufacturing. Technology is not unique at all in this respect.

Re:Please, kill the registry...

[Anonymous Coward]

actually, this will make applications easier to copy to a new system after a reformat or general cleanup. Microsoft shouldn't give a tiny rat's ass for this, since that's the way (ok, one of the ways/reasons) their software ended up in everyone's computer...

Re:How deep did they go?

[schnikies79]

HAHAHAHAHA. I rarely laugh at posts but this one had me rolling for some reason.. Bravo!

Re:You name it, they've probably been there.

[delong]

It must be nice to have mainstream consumers for your main customers, rather than IT pros. You can sell 'em anything, and they'll never know it's crap, because they don't keep up with the industry

That's why I always skip all these "new Windows release" articles - they're pap. Usually just alot of mouth breathing over widgets and rather pedestrian implementations of mundane technology. Boring, and not very informative. Keeps alot of boring writers in jobs, though. Microsoft is like a 5 year jobs program for "IT Professional" writers that otherwise don't know their ass from their hat.

Re:MMS stream hails from microsoft.com!?!

[Covener]

Not to diss the underlying interview [I'm always willing to hear about kernel stuff], but it's kinda odd that the MMS stream originates at a M$FT server:

It's almost as if this MSDN interview of an MS executive on future MS technology is somehow MS related.

Re:You name it, they've probably been there.

[MightyMartian]

Well, it was precisely this sort of hype that kept Windows 3.1 at the forefront while an actual 32-bit operating system that would run existing Windows applications (better than Windows itself) actually existed. Microsoft, through various "computer" magazines (which were nothing more than MS shills), painted a beautiful picture of Chicago, through artists renderings and feature lists for features that didn't even exist. Of course, when Windows 95 finally arrived, it was a bug-ridden piece of crap, but the marketing onslaught and MS's corrupt ways of dealing with PC manufacturers destroyed OS/2. People actually willingly went for one of the most unstable operating systems that MS ever produced.

mnb Re:Please, kill the registry...

[Anonymous Coward]

Shush!
Do you really think you can get modded insightful? Your well reasoned and well documented factual post has nothing on a simpleminded (and factually incorrect )Microsoft attack by someone who didn't even post about the article in question!

But honestly, this is a true test of the moderation system. Your point is based in fact and deserves a higher score than the GP post's tirade based on incorrect assumptions.

We'll see.

Re:You name it, they've probably been there.

[stubear]

You are probably the same jackass who goes around crying "why doesn't Microsoft just do things like UNIX" and when they finally borrow a couple riffs you're crying"boo hoo, Microsoft is copying UNIX". It's clear they're damned if they do and damned if they don't do it's really no wonder they don't care very much about what the Slashdot community wants or thinks.

Re:I love the questions they ask.

[starwed]

Personally, I don't see what the big problems with the registry are.

With most old applications, I could simply copy the root directory onto another computer, and it would work fine. As apps started using the registry more often, this sometimes became impossible; programs would just refuse to work because they couldn't find the registry entries they needed. (Games are especially bad, as they often keep CD keys in the registry.) I can see why the registry could be useful, but in practice it (or perhaps just how programmers have used it) has caused me quite a lot of hassle.

Re:I love the questions they ask.

[Ignominious Cow Herd]

Spank me for not previewing. There is a missing <username> in between the \\'s.

Re:I love the questions they ask.

[Foolhardy]

I personally think the Windows Registry is the software implementation of the saying "putting all eggs in one basket".

Kinda like how putting all your filesystem metadata in one database is the software implementation of the saying "putting all eggs in one basket"? The registry is a binary hierarchical database optomized for config (small entries), broken into mountable volumes (registry hives), journalled and with hot backup functions [microsoft.com]. A filesystem is a binary hierarchical database optomized for large files, often journalled and with hot backup functions. If you want backups, see ntbackup: the "System State" option includes all the machine's hives. System restore also makes backups of the system hives.

Re:That's It??

[jonbrewer]

Echoing the sentiments of the ACs who have replied to this, I too need to put in a good word for the NT kernel. It's excellent. It always works. I started working with NT 3.51 10+ years ago (same time I moved from Digital Unix to Linux) and have found it to be a great OS. Give it good hardware & software, (these days set it behind a firewall) and it will run for YEARS.

I managed an early Y2K program back in 1998 where we moved a network from 486/Win3.11/Novell to 586/NT4.0/NT Server. We didn't put removable media in the machines & didn't give Administrative rights to anyone. I wandered around the facility recently to find dozens of those ugly beige box clones still going. Thus happy to see NT kernel continuing in Vista (whenever that may happen...)

Re:Where is the news?

[gumpish]

recent news (oxy moron? Isn't all news recent?)

"old news" would be an oxymoron.

"recent news" is redundant.

Re:Where is the news?

[Anonymous Coward]

You forget... this is Slashdot.... where pro-Linux stuff is posted the second it is available, even if it is complete garbage, and anything about Microsoft is ancient news before it gets posted. Check out the XBox360 release date news... one front page article about the XBox360 when everywhere else had tons of stuff.... and that one front page article was a negative one.

Re:That's It??

[0racle]

Ah yes, throwing everything out and starting from scratch is a fantastic way to fix security holes and bugs.

See Also:
Windows 95
Windows NT 3.1

Paragons of stability and perfect programming without a single bug all thanks to throwing everything out and starting over.

Re:OS/2 failed because OS/2 didn't work well enoug

[jejones]

If the tool will "gimmee" enough, I could care less whether it was created by Apple or Microsoft or Walmart. Merit trumps all.

Even ethics and the law?

Re:I love the questions they ask.

[ivoras]

I'm sure that, if Microsoft did something like that (turn Registry into bunch of XML files), there would be an army of Slashdot-reading nerds going "Wow, M$ is stooopid - and what about memory consumption and speed of processing of all that XML files?!", "And just how is M$ going to ensure data reliability / transaction safety with textual XML data?!" and others.

The Windows Registry in Windows NT systems is a database-like construct, with sort-of transactions. They even have access control lists to manage security - keys can be made writeable only by some users, etc. Some registry files ("hives") contain security information and are not readable by normal filesystem utilities (access-denied on open(); though this is not registry-specific :) ).

Think of it like using mysql or sqlite database to store and manage system configuration instead of bunch of config files - it's NOT a bad idea.

(I'm not attacking the config-file approach, just saying that having a convenient standardised interface to config data across all applications is a Good Thing).

Um...isn't vista simply rehashed NT 3.x?

[filesiteguy]

I hate to say it, especially since I never downloaded the betas to this "groundbreaking" software, but isn't Vista simply another iteration of OS/2 / NT? I remember being very exited by XP when it was hyped and paraded around like a "new" operating system that was somehow different than NT 5.0 (a.k.a. Win2K).

However, once I got my beta of XP (NT 5.1) I was sorely dissapointed when the ntoskrnl.exe and other nt*.exe and nt*.dll files (I forget exactly what they are named.) had similar architecture and functions to the same ntoskrnl.exe files in NT 3.1, which I recall running like a dog on my DX/66 (particularly compared to OS/2 2.0 which ran great).

Re:Transcript (Just Intros - Working On The Rest)

[Vladimir]

So specifically what we've been doing is taking every binary in the system and assigning it a layer number, which is a rank in a directed acyclic graph. There's about 5,500 binaries in the system.

oh, they know about acyclic graphs, good. I bet they have only 5500 levels in it. On a side note: Debian GNU/Linux provides more than a pure OS: it comes with over 15490 packages, precompiled software bundled up in a nice format for easy installation on your machine... (http://www.debian.org/ [debian.org]) So why keep re-inventing the wheel, just ship vista with msdpkg/msapt...

Re:You name it, they've probably been there.

[Overly Critical Guy]

Virtual folders and metadata indexing. Hardware accelerated desktop composition. I sure hope we see that someday [apple.com].

Re:I love the questions they ask.

[AKAImBatman]

Yeah, then roaming profiles are going to work great.

And roaming profiles are a *good* idea because... ???

The more meta-data you can link up to individual files, the better you can network those individual files. The problem is that Windows is an explosion of little files, with an explosion of configuration files, with an explosion of proprietary databases, with an explosion of special directories on top. It's a fracking mess, and roaming profiles is a band-aid.

No other PC GUI system came up with such a poor design. (Yeah, X-Windows was a mess too. But it was a controlled mess intended for *cough* "Professionals".) BeOS, Amiga, RiscOS, Mac, etc. all had way better solutions to the problem. The most important goal for Windows was to run a multi-user environment on top of a single-user Operating System that would perhaps be best be described as an "embedded OS". It worked at the time, but it wasn't a very effective way to handle things long-term. Plus, GUI designs have never been reevaluated in the face of modern hardware.

Read the article. I haven't covered everything (it's an article, not a book), but you may find that it's actually a good idea. BTW, the follow-up is here [blogspot.com].

Re:I love the questions they ask.

[Osty]

So why not do something intelligent and implement it as a SQLite database?

Feel free to travel back in time and suggest they do that. The registry has been around for over a decade. SQLite has not. The registry works (yes, maybe it can get corrupted, but I haven't had that happen in years), and there's other stuff Microsoft can and should focus on besides re-writing the registry.

Re:I love the questions they ask.

[Bellum Aeternus]

Simply being from M$ does not make an idea bad. Take Xml/Http. Even Google likes it and it is a M$ idea. They built into IE 5.5 long before Mozilla/FireFox or any other browser had it.

M$ has had other good innovations too. Don't just knock something because it's from M$. Knock the Windows Registery because it's outdated, aniquated, and unreliable. :-p

(Mod me down if you have to...)

Re:I love the questions they ask.

[timeOday]

See if you find these interesting: http://www.namesys.com/whitepaper.html [namesys.com] http://namesys.com/ [namesys.com]

In short, I'm convinced the registry doesn't require a separate implementation from the filesystem.

Designers (including Mozilla's) are entrenched in the idea that lots of tiny files are bad. Traditional filesystems and even api's to some extent aren't optimized for that. But Microsoft was in a different position, because the designers of the registry were in cahoots with the filesystem people (same company). Instead of inventing the registry, they should have optimized NTFS for config info.

Re:That's It??

[Anonymous Coward]

You know, that's like saying that people shouldn't drive to work between 7am and 8am because that's when roads are most congested. When I drive to work at midnight the roads are all free of congestion, so if everybody just switched to driving to work at midnight like me, they would all get to work faster and with much less hassle. Of course that's wrong because the congestion is caused by everybody driving to work at the same time. The only way to ameliorate the problem is to have people spread out driving to work over the whole day or not drive to work at all. That doesn't work because it causes more problems than it solves.

As a person who has had my Solaris and Linux boxes 0wned, I can quite confidently say no system is free from exploits. Unix has always been a joke from a security standpoint (compared to "real" OSes like MVS, VMS, and MULTICS). The only reason it seems so secure now is that the vast majority of users are now running Windows. That's not to say that Windows is where all of the exploits are, but that's where all of the exploitERs are! I'm sure you could have a perfectly exploit-free time enjoying Windows 3.1 on the Internet. Not because Win3.1 doesn't have any security holes (indeed, it doesn't have any sort of security at all), but simply because nobody is trying to exploit Win3.1.

dom

Re:I love the questions they ask.

[Fallen_Knight]

131181 keys, and 291410 values

A: for each Key you'd have a file, at worst, so 131181 files
B: alot of the keys and values are pretty uselss and totaly OVERKILL i think
C: many and i mean MEANY keys and subkeys are like /network/adapter/stuff1,stuff2,stuff3
D: there is much duplication of keys and values.

So there would nto be 131181 files, no where near
theres alot of stuff in there thats pretty weird to have in there
registry is prone to bloat, at least it used to be and probably still is
some of the stuff in there is more suited to a /var or /tmp then the registry
it makes mvoeing configs across installs or frmo 1 system to another damned hard.

Now what makes me sure it was the wrong way is linux uses config files, and a linux system with a full package install seems ot have ALOT more software to configure then windows, so how come linux can easily use config files and windows can't? windows can't need that much config data??

config files are alot easier to edit, change and debug then the registry, as you have many MANY tools that can read and manipulate text files. grep, find, whatever.

Operating Systems Aren't Amazing Anymore

[tjstork]

The thing that irritates me about the tone of Microsoft is that they still live in this world where they spin everything they do as amazing and its just not any more. Computers aren't "amazing" anymore. Operating systems and things like Windows does, even if new, don't have the same impact as the basic innovations of GUI displays did in 1992. The amazing stuff that is happening is, um, usually at Google.

Re:I love the questions they ask.

[Anonymous Coward]

You bring up an excellent point. Reiserfs will likely not be popular for at least a decade because apps must be written to support it. Since most people don't have reiserfs, any app that requires it will be quite unpopular. Windows has the same problem with NTFS. Since Windows cannot rely on having an NTFS filesystem available, having it store the configuration data would not help very much. Not only does NT (all current Windows versions are based on NT) have to be able to boot from FAT[32], but the APIs still have to work on Win9x. What they would end up with is just some config-optimized FS layer on top of the filesystem. Come to think of it, they could call it a "registry"...

Remember, FAT (like most old Unix filesystems) could not have more than 64k files (each taking up at minimum one sector) and directories are not stored in sorted order on disk. This means that putting every key in a different file would start to limit the number of other files you could put on the filesystem and cause config file access to be slow because you would end up with lots of files in large directories.

When the system boots it creates a copy of the systems configuration data (LastKnownGood), which is relatively easy because it involves just copying a segment of a file. If the data were stored in a hundred or more tiny files, making this copy would have a huge performance impact on boot-up.

The Unix answer to this question is to either hard code the information right into the executable (most binary installations must go in specific directories) or write out a file in some proprietary format, and that doesn't solve the problem that the registry was initially designed for -- to manage all of the components of a distributed object system (OLE) where none of the components needs to know where any other component is installed or what it can do.

Quite honestly, I think the registry is a good solution to the problem of where to store lots of configuration data. Unfortunately its growth has not been managed, and is now a mess. Still, doing a search in regedit for some configuration is much easier than trying to grep the filesystem for something.

dom

Re:Operating Systems Aren't Amazing Anymore

[Keeper]

And what has Google done that is so amazing? All they've implemented is a glorified "edit->find". There was that email thing that ... has more storage than their compeditors. Hmmm ... well, there was that map thing ... that is like all the other mapping services. Froogle? Wait, that is pretty much like pricewatch.com ... Google news? Nope, just another news aggregation website.

I wonder if Google will ever do something that doesn't involve sticking a search engine on top of some existing technology. /sarcasm off

The stuff is amazing because it is mind boggling hard, not because it is a gigantic leap. The easy problems in computer science are done. You aren't going to see fantastic leaps like you did when the industry was still in its infancy.

Re:Transcript (Just Intros - Working On The Rest)

[zootm]

To be fair, the material on Channel9 tends to be informative and more than just "advertising" in most cases — the technicians and so forth they interview are enthusiastic but mainly wanting to get across the things they've been working on (as technicians do). I've seen plenty of sites with interviews of *nix professionals and so on, and I wouldn't say they were more or less "advertising", on the whole.

The interviewers on Channel9, however, tend to be massively overenthusiastic to the point of hilarity. Note how he replies to I've been working on where the hardware meets the software with Excellent!. It is irritating, but then that's why I don't watch a lot of video online. :D