Slashdot Mirror
Running Windows With No Services
mattOzan writes "So how many of the almost 4 dozen default-enabled services does Windows XP really need in order to preserve basic functioning, like web surfing and running applications?
Zero, as it turns out.
Mark Russinovich at Sysinternals demonstrates that if certain steps are followed, Windows XP will still run with only two active processes: System and Csrss.exe. No Smss.exe, Winlogon.exe, Services.exe, Lsass.exe...
And, contrary to the expectations of various lead engineers at Microsoft, even Internet Explorer will still work under such conditions."
The bottom line is that this stripped-down Windows configuration is not practical, but makes a cool demonstration of just how little of Windows is required for basic functionality.
- There will be a delay before Explorer redraws the desktop
- won't be able to logoff
- Networking is also crippled
I don't think this stripped-down Windows provides even the most basic functionality expected by many users nowadays.It's like patients are treated as long as their hearts are beating, even though everything else has shut down.
Rock that crushes, Paper & Scissors that don't matter.
Hmmm. Define "work"...
Seems like an awful lot of work to kill some services. Personally I think starting in runlevel 3 is much easier, maybe Windows should think about going to a CLI-only interface for some of us uber-geeks out there. That'd gain them some respect in my book.
As long as we can get BSODs, windows basic funtionality is assured.
I wonder how this well XP will run on qemu with all of those services turned off? There is very little I need from windows and I wonder if this would help with those final annoying things I need from windows at home.
Obviously the final result, a dubiously functional installation is not really groundbreaking for end-users, but there's much to be said for turning off the many services that ship enabled as default with Windows XP to gain both the performance and security benefits. Knowing whats running, what it's doing, and whether its really neccessary is a good step towards maintaining a system which has a low attack profile and is reasonably secure.
Business Voyeur
In The Olden Days, you could install a Linux disto without 10,000 daemons running... ah, those were the days... Linux was noticably faster than Windows out of the box! ;)
Agile Artisans
So wait a minute...
Are they saying that, even without all that crap that normally get started...it still crashes?
Or is that not what they mean when they say Windows works?
Please correct me if I got my facts wrong.
Really? Does it? Isn't this just an old joke with not much fact to back it up anymore?
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
Anyone know what a similar exercise looks like for Mac OS-10.4? It is not, shall we say, exactly a speed demon and it would be nice to know what could be safely turned off when one is running CPU-intensive processes. Thanks.
"All successful systems accumulate parasites" -- Hal Hixon
For running games, if you really care about it, you can CTRL ALT DEL and close explorer.exe. Then, run the game from the 'run' menu in Task Manager.
You probby won't notice any speed difference.. But your penis will be larger.
--- We need more Ron Paul!
the majority of people reading this will not wonder even Internet Explorer will still work under such conditions but if Firefox will still work under such conditions
do.what.promptcmds
Take a look at Black Viper's list of WinXP SP2 services.
UNTRUE! I just tried his suggestion and it didn't work AT ALL!
As long as we can get BSODs, windows basic funtionality is assured.
In Windows Vista it's a Transparent Ice Blue Screen Of Death, and it's tabbed.
You're still hosed, but it looks nicer.
-- Tigger warning: This post may contain tiggers! --
Do you know who Mark Russinovich is? Besides writing key books on windows published by Microsoft themselves he is also a very important member of the windows developer community. There is no way in hell Microsoft would want to make him an unsatisfied customer. If they really didn't like what he is doing I bet that they would try to bribe him with large sums of money to stop instead.
Philosophy.
Apparently Microsoft Genuine Advantage is one of the services you can disable.
Any man who afflicts the human race with ideas must be prepared to see them misunderstood. -- H. L. Mencken
Interesting...so you can kill almost everything.
I wonder if you can automate that.
And then, I wonder if you can provide the functionality that goes missing by running your own services. Sort of subverting Windows from the inside, and giving you more control over it.
But then, I'm not that interested. I've got my control. Total control. Without having to wrestle it from Windows.
Please correct me if I got my facts wrong.
It just goes to show you how twisted and obscure Windows is. Even Microsoft's own people don't know how their operating system works. How can they expect to keep it reliable and virus free if they don't even understand what processes need to be running?
Well I doubt Russonivich has anything to worry about, he's one of the people that wrote the "Windows Internals" book from the Microsoft press.
Now that aside Windows integration is considered a GOOD thing by most normal users. That's one of the frustrating thing about Linux/UNIX form their perspective. There's a million options, and they have no idea what they need or want. What's more, if they make the wrong choice something might not work, since it depends on something else.
That's why Windows, and OS-X ship with so much integrated. They are targeted at users that want to be told how it is. They don't want a choice of 10 window managers, they want to have one that just comes up by default.
Now if you like the BSD way of doing thigns, that's cool, but don't assume that it applies to everyone.
Building from source is another great example. Linux people tend to see this as the best feature of Linux, that you custom compile things, and you don't have to worry about binary compatiblity. Newbies tend to see this is one of the worst features. Compiling is highly intimidating, as they don't understand what's going on. What''s worse, if something happens, they can't fix it, they don't know how to edit make files, or update headers, etc.
The Windows method is more targeted at the masses, have an enriched OS that isn't just defined as it's kernel, but it's APIs, GUI, media layer, and basic apps. Linux is a minimal approach that defines only the kernel, leaving everything else up to the option of the user.
Both are valid, and don't assume yours is the superior way.
Sysinternals is teh r0ks0rz!
No, seriously. If you don't know this, they have a utility called "Process Explorer" for Win32. It's like top on steroids. Actually, its vastly better than top, or any other process monitor I've ever seen. It will show you pretty much everything there is to know about a running Windows process; file handles, TCP connections, you name it. Its small, fast, mercifully lacking a "setup" and free.
They've got a bunch of other stuff for Windows I now consider essential. Check them out.
Lurking at the bottom of the gravity well, getting old
You clearly haven't been using a system recently that's been riddled with spyware,
So we're supposed to blame MS for Spyware? Windows doesn't ship with system-crashing spyware, and it's not even like viruses are its primary way in. Most spyware is willingly installed by clueless users.
My Windows machine at work is currently at 221 hours of uptime. I don't even remember why it was rebooted prior to that, but it wasn't because of a crash. The current version of Windows XP is pretty stable if you ask me - not as good of a 24/7 OS as most *nix's, though not for reasons of stability. Its interface is not designed for keeping large numbers of applications open at once, and it doesn't seem to handle memory all that well at this point (this used to be one of its strong suits compared to other OS's). But it doesn't crash unless you do something stupid (like install spyware) to make it crash.
This is great! Love the screenshots too, but WTF is that system idle process running at 99% !!!???!!! Jesus H that thing is a hog! Does anyone know how to kill it? I don't want to burn out my CPU...
Blarf.
My Windows machine at work is currently at 221 hours of uptime.
I was just about to reply to this to say how either you must be lying, or else your system must be horribly insecure because you don't reboot it for the monthly critical updates. Then I noticed you wrote 221 hours and not 221 days.
Usually uptime is measured in days!
I'll probably be modded down for this...
On your typical Joe User system with broadband, your point is laughable at best. I have seen far too many typical Joe Users with system that are just "owned" by spyware/adware/malware/viruses. I live 1,300 miles from most of my family. Their systems are really, really bad. Every time I fly up to see everyone, I really an just doing "Windows admin" tasks for everyone. It is pretty sad that MS Windows allows a typical Joe User to totally destroy their system so easily, especially if those Joe Users use the "recommended"/"preferred" MS software of IE and outlook express.
Yes, technical users can lock down their home WinXP systems. My corporate WinXP dev workstation has not been rebooted for a long time and runs well (with the exception of explorer.exe crashing every time I log out!); This is at a fortune 500 that has spent 100's of thousands if not more on security (on a side note, we just spent a lot on an SSL VPN (in addition to our traditional VPN) solution so that any of our users that want to access our intranet from home need to go through that SSL VPN. Why did we buy this? Because we have 140,000+ employees and the _majority_ of those home users had viruses that were trying to get into our network and we had to protect our MS Win based servers (not our Linux or Solaris servers)! The majority of our non-technical home users had viruses running MS Windows!). My home WinXP system runs very well because I have protected it with a hardware firewall and a Linux firewall and locked down my wife's login account to just "Power User" so she cannot totally kill the system.
Now try to get the millions of Joe Users to implement these types of restrictions/securities/etc and see the backlash. They just won't/can't do it. The tasks are just too technical for most. The funny thing about all of this is that most Joe Users _do_ have some type of security. Many of them have Norton "firewall" or some other end-user type "protection". It is just funny how most of them _still_ are able have their systems destroyed in an average of 2-3 months or so.
Of my family members, so far I have gotten my brother-in-law to switch to Mac OS X (he is a photographer and wanted Mac anyway) and my sister to switch to Linux (web/email junkie only). I wrote down the root password for both of them, though they have no clue what to do with that root password. Both of their systems are still chugging along without issue. I can logged into each system every so often thanks to dyndns.org and I apply patches. I tried to do dyndns.org on some of my families WinXP boxes, however, they were getting infected faster then I could patch/clean them. It really is much easier for me to go North once a year with a bootable Linux CD and burn backups of their personal files and then do a restore, than to try to admin all their systems remotely.
If Tyranny and Oppression come to this land,
it will be in the guise of fighting a foreign enemy. -James Madison
have been providing facts and utilities for years now, in the face of threats and obfuscation. Those with long memories will remember how they exposed the fact that NT Server and NT Workstation were the same binary product, but with different marketing and license terms, back in the mid-1990s.
Probably. But maybe he's running a system with a microkernel, which doesn't need to be rebooted to patch a root exploit.
Hell, maybe he installed a minimal version of Linux a year ago, and is using kernel modules for all the advanced functionality. There probably aren't any root exploits in that (what root exploits are there in the kernel, and not the apps, anyway?)
Which sounds quite nice for killing off spyware nasties/etc on the system...
No Start menu necessary! You just need to know the right options to rundll.
For instance, in Windows 98, it's:
C:\WINDOWS\RUNDLL32.EXE user,exitwindows
Google (along with a bit of experimentation) can help for other versions of Windows.
"I assumed blithely that there were no elves out there in the darkness"
Something is horribly wrong with my OS!
no, that was dvorak.