Running Windows With No Services
mattOzan writes "So how many of the almost 4 dozen default-enabled services does Windows XP really need in order to preserve basic functioning, like web surfing and running applications?
Zero, as it turns out.
Mark Russinovich at Sysinternals demonstrates that if certain steps are followed, Windows XP will still run with only two active processes: System and Csrss.exe. No Smss.exe, Winlogon.exe, Services.exe, Lsass.exe...
And, contrary to the expectations of various lead engineers at Microsoft, even Internet Explorer will still work under such conditions."
I would have to wonder what DOESN'T work in this state rather than what DOES.
If you need web hosting, you could do worse than here
So, how would Debian stack up with all the init scripts disabled?
I'd rather you do it wrong, than for me to have to do it at all.
Seems like an awful lot of work to kill some services. Personally I think starting in runlevel 3 is much easier, maybe Windows should think about going to a CLI-only interface for some of us uber-geeks out there. That'd gain them some respect in my book.
I wonder how well XP will run on qemu with all of those services turned off? There is very little I need from Windows and I wonder if this would help with those final annoying things I need from Windows at home.
Anyone know what a similar exercise looks like for Mac OS-10.4? It is not, shall we say, exactly a speed demon and it would be nice to know what could be safely turned off when one is running CPU-intensive processes. Thanks.
"All successful systems accumulate parasites" -- Hal Hixon
Interesting...so you can kill almost everything.
I wonder if you can automate that.
And then, I wonder if you can provide the functionality that goes missing by running your own services. Sort of subverting Windows from the inside, and giving you more control over it.
But then, I'm not that interested. I've got my control. Total control. Without having to wrestle it from Windows.
Please correct me if I got my facts wrong.
A favorite sci-fi book from my youth had (something similar to) this to say ...
... but it seems to vanish before I can grasp why .....
"As the scientist dug deeper into the structure of the atom, he found out that underneath the quarks, etc. there was nothing - just emptiness."
Seems to me that this applies in some way
I'd be more interested in selectively turning off services to make Windows as fast as possible.
I don't like how programmers bloat their programs; how the programs expand to fill the speed and HD capacity of the modern computer. I have half a mind to install DOS 6.22 and Windows 3.1 on my 1.2 GHz box. Fewer unnecessary services, and programs really will open instantly.
Speed is the very reason my default photo-editing client is Paint Shop Pro 4, not Photoshop Elements. Why the hell should I wait minutes for a program to load? What is this, 1980?
"Live as if you'll die tomorrow." Ridiculous. You could die later today.
Can this squeeze a few more frames per second out of my favorite games? How much RAM does this free up? As the user of an out of date laptop, I'd boot into a CLI if it meant it could significantly drop system requirements for best performance. I'm not enough of a penguin head to do it in Linux yet. (btw, I read the article and realize it's not practical, still a neat idea)
"Common sense will be the death of us all"
On this same topic (sort of), has anyone tried stripping out Microsoft's own implementation of file/print sharing from Windows and running Samba instead under Windows? It seems like that would go a long way towards interoperability.
Bill Clinton: Pimp we can believe in. - The Shirt!!!
You clearly haven't been using a system recently that's been riddled with spyware,
So we're supposed to blame MS for Spyware? Windows doesn't ship with system-crashing spyware, and it's not even like viruses are its primary way in. Most spyware is willingly installed by clueless users.
My Windows machine at work is currently at 221 hours of uptime. I don't even remember why it was rebooted prior to that, but it wasn't because of a crash. The current version of Windows XP is pretty stable if you ask me - not as good of a 24/7 OS as most *nix's, though not for reasons of stability. Its interface is not designed for keeping large numbers of applications open at once, and it doesn't seem to handle memory all that well at this point (this used to be one of its strong suits compared to other OS's). But it doesn't crash unless you do something stupid (like install spyware) to make it crash.
Unless of course you kill the mingetty daemons . . .
Not that I'm totally sure what would happen if you killed one of the 24 processes associated with the kernel . . .
Better yet, why run explorer.exe in the first place?
From memory (haven't done this for some time, so I could be a bit off...)
Start Regedit, find HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Change the value of Shell from Explorer.exe to cmd.exe.
I'm going to go back in my box and will think within the limits of my box: MS Sucks Linux Good I read too much Slashdot.
I too tried turning off some non-essential services and ended up with:
1. The system taking FOREVER To start up
2. Some incredibly bizarre quirks.
3. Turning services back on didn't resolve the problem.
I realized it just wasn't worth my time on Win2K. darn, and I honestly didn't need to be running fax services either.
Later on in life I found myself having to do it on WinXP when it was pretty much running at 100% CPU power, just about every minute of operation for no reason.
Dell pcs ship with at least TWO pieces of known spyware that even MS Antispyware flags as critical.
And I'm talking about RECENT Dell optiplex and above... not some ancient POS like emachines or such. (which all ship with windows and spyware) and on the upside, explorer still comes with Alexa which IS known spyware.
" What luck for rulers that men do not think" - Adolf Hitler
Sure, but you could easily enable networking and make the drives writable. That is really just two commands. (three if you want a default route).
-matthew
"THERE IS NO JUSTICE, THERE IS ONLY ME." -Death
On your typical Joe User system with broadband, your point is laughable at best. I have seen far too many typical Joe Users with systems that are just "owned" by spyware/adware/malware/viruses. I live 1,300 miles from most of my family. Their systems are really, really bad. Every time I fly up to see everyone, I really am just doing "Windows admin" tasks for everyone. It is pretty sad that MS Windows allows a typical Joe User to totally destroy their system so easily, especially if those Joe Users use the "recommended"/"preferred" MS software of IE and Outlook Express.
Yes, technical users can lock down their home WinXP systems. My corporate WinXP dev workstation has not been rebooted for a long time and runs well (with the exception of explorer.exe crashing every time I log out!); This is at a fortune 500 that has spent 100's of thousands if not more on security (on a side note, we just spent a lot on an SSL VPN (in addition to our traditional VPN) solution so that any of our users that want to access our intranet from home need to go through that SSL VPN. Why did we buy this? Because we have 140,000+ employees and the _majority_ of those home users had viruses that were trying to get into our network and we had to protect our MS Win based servers (not our Linux or Solaris servers)! The majority of our non-technical home users had viruses running MS Windows!). My home WinXP system runs very well because I have protected it with a hardware firewall and a Linux firewall and locked down my wife's login account to just "Power User" so she cannot totally kill the system.
Now try to get the millions of Joe Users to implement these types of restrictions/securities/etc and see the backlash. They just won't/can't do it. The tasks are just too technical for most. The funny thing about all of this is that most Joe Users _do_ have some type of security. Many of them have Norton "firewall" or some other end-user type "protection". It is just funny how most of them _still_ are able to have their systems destroyed in an average of 2-3 months or so.
Of my family members, so far I have gotten my brother-in-law to switch to Mac OS X (he is a photographer and wanted Mac anyway) and my sister to switch to Linux (web/email junkie only). I wrote down the root password for both of them, though they have no clue what to do with that root password. Both of their systems are still chugging along without issue. I can log into each system every so often thanks to dyndns.org and I apply patches. I tried to do dyndns.org on some of my family's WinXP boxes, however, they were getting infected faster than I could patch/clean them. It really is much easier for me to go North once a year with a bootable Linux CD and burn backups of their personal files and then do a restore, than to try to admin all their systems remotely.
If Tyranny and Oppression come to this land,
it will be in the guise of fighting a foreign enemy. -James Madison
have been providing facts and utilities for years now, in the face of threats and obfuscation. Those with long memories will remember how they exposed the fact that NT Server and NT Workstation were the same binary product, but with different marketing and license terms, back in the mid-1990s.
Probably you can automate this by using some windows scripting and the Process204.zip program from the Fine folks at BeyondLogic.org http://www.beyondlogic.org/
This may be useful for maintenance purposes, as some posters commented in the article's comments zone. Not that it is very wise to run a machine like that all the time, as the article itself says.
But what I like the most about this, is that the article shows that WinNT 5.0 (A.K.A. Windows 2000) and WinNT 5.2 (A.K.A. Windows XP) can be trimmed down to a bare minimum. Another myth debunked.
Another of my pet peeves comes from the DOS era. The slashdot crowd used to say that DOS can not mount a drive into a directory to form a unified directory tree like in Unix. This was false then (please see the description of the JOIN command for the method in DOS). The functionality was present in Win95 and 98, but seems absent in 2000 and XP.
Myths like this abound on Slashdot and are repeated time and time again, until they become truth. Check first, post later.
*** Good luck to everyone and have a happy day!
As was noted in a comment to his blog, this technique can be used to kill Winlogon.exe. The most annoying and insidious malware is hooking itself into this process which, ordinarily, isn't even killed by booting into any of the "safe" modes. Man, if Adaware can run in this mode, my prayers are answered.
Now, the fact that Winlogon.exe can actually be subverted by malware is another story entirely...
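An audit sketch for the Winlogon settings discussed in this thread (the Shell value changed through Regedit earlier, and malware loading into Winlogon.exe just above), added here as an example and not code from any poster or from Sysinternals. It goes slightly beyond the thread by also checking Userinit and listing XP-era Notify packages for review; the expected defaults assume Windows is installed in C:\Windows, and the .reg text is constructed sample input.

```python
import re

WINLOGON = r"hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon"
# Expected defaults (assumption: Windows is installed in C:\Windows).
EXPECTED = {
    "shell": {"explorer.exe"},
    "userinit": {r"c:\windows\system32\userinit.exe,",
                 r"c:\windows\system32\userinit.exe"},
}
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

# Constructed sample of .reg export text, not taken from a real machine.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="cmd.exe"
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\examplehook]
"DllName"="examplehook.dll"
'''

def parse_reg(text):
    """Parse .reg text into {key_path: {lowercased_value_name: string_data}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None and (m := VALUE_RE.match(line)):
            # .reg files escape backslashes and quotes inside strings; undo that.
            name, data = (re.sub(r"\\(.)", r"\1", g) for g in m.groups())
            current[name.lower()] = data
    return keys

def audit_winlogon(text):
    """Return (setting, data) pairs that differ from defaults or need review."""
    keys, findings = parse_reg(text), []
    main = next((v for p, v in keys.items() if p.lower() == WINLOGON), {})
    for name, allowed in EXPECTED.items():
        data = main.get(name)
        if data is None or data.lower() not in allowed:
            findings.append((name, data if data is not None else "<missing>"))
    prefix = WINLOGON + "\\notify\\"
    for path, vals in keys.items():
        # Every Notify DLL loads inside Winlogon.exe; list each for manual review.
        if path.lower().startswith(prefix):
            findings.append(("notify:" + path[len(prefix):],
                             vals.get("dllname", "<no DllName>")))
    return findings
```

A stock XP install has several legitimate Notify packages of its own, so those entries are a review list rather than verdicts.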
Of course they would say they are surprised that Internet Explorer would work under these conditions. Remember that one of the claims in the antitrust trial was that due to the architecture of the system, it basically wasn't possible to remove IE from the OS.
My.. my friend (yeah, that's the ticket) was messing around with a program to try to disable the copy protection of the latest Splinter Cell game, and to do that, the program "un-hooks" your physical CD drives. He accidentally clicked the wrong button and the hard drives were disabled. Windows kept running. He could open "My Computer" and all it had was "Shared Documents" and "User's Documents". Windows crashed a few minutes later and was back to normal on reboot. Never did get the game working, though.
Not a Twitter sockpuppet... but I wish I was.
"The drivers are run at kernel level for speed reason as user mode would give a major performance hit."
I can see that with the video drivers.
What about everything else?
Do I need my sound card to run at kernel speed?
The hard disk driver?
Even the NIC card?
I don't think so. The CPU is spending most of its time idle on most machines, so why do drivers for SLOW HARDWARE have to be running at kernel speed?
Because some designer thought it was a good idea back in the 286 days?
Modern OS's do not allow user space to control the hardware. Why allow drivers to take control of the system totally away from the OS?
The biggest annoyance I have with Windows (and even with Linux to a lesser degree) is how it can go wool-gathering for several minutes when some app is trying to do something with hardware that isn't responding? Even Task Manager isn't responsive.
On most mainframe OS, no matter what the hardware is doing (because it's being controlled by an external controller, mostly), the OS can be woke up with a couple keystrokes. This needs to be done on PCs. The point of a preemptive OS is that it can regain control of the system on its terms - which means it's responsive to the USER, not the hardware. Which keeps the USER in control.
Putting drivers outside the OS's control is just dumb design - let alone letting any moron at any hardware company write one and then install it at kernel level. That's just plain idiocy.
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
disable those services but keep it functional:
Windows XP Home and Professional Service Pack 2 Service Configurations by Black Viper http://dhost.info/kyeu/mirror/blackviper/WinXP/servicecfg.htm
Mongrel News all the news that fits and froths
98Lite? http://www.litepc.com/
Brilliant! Allow home-grown tagging for an anchor,
use the URI as the anchor text, but still append
a stupid [foo.com]. Brilliant!
Were that I say, pancakes?
1. It encourages people to reboot. (i.e., as intended)
2. It causes people to delay installing the patches because, well, they have to reboot in the first place, and they get sick of the nagging.
So the result is that most people do what I've done, which is "download updates for me but let me choose when to install them." The problem is that a lot of the time they'll wind up not installed. (*I*'ll install them, but God only knows about Joe Bob.)
This kind of thing is rampant in the Windows world. For example, Norton Antivirus (I think it is) has an option to do automatic virus scans on a schedule. This is a GOOD thing. It should be done. Unfortunately, since it doesn't run with the equivalent of a "nice 20" and it insists on hogging the console as well (until you background the thing), a lot of people, including me, just turn the autoscan feature off.
The one exception to this is probably firewalls. When firewalls do this kind of thing and don't play nice, they do it ONCE for an application most of the time, so it doesn't become annoying. Sure, it might crash the whole freaking 3D app when it unceremoniously grabs the desktop to pop up a little bubble dialog, but it should happen once if at all, and that's it. So it isn't the same thing.
Now, while we're on the topic, I might as well get my post downmodded by saying something that Windows tends to do well that I like. Well, Windows specifically doesn't do it, but the various firewalls out there do. You authorize *applications* to either access the net or not, which is nice. Granted, it isn't all that you need for a decent firewall, but it would be nice if Linux made that kind of enforcement fairly transparent. (Of course, make the admin have to turn it on. Don't do it by default or all sorts of stuff will break.)