Turning the Windows Aircraft Carrier

Opinion: Making big changes to big and important products without disrupting your customers too much takes a long time.

When a company gets as big and important as Microsoft, everyone has legitimate gripes against it. To some degree its like dealing with the phone company; theyre big and impenetrable and, unless you seek a path off of the mainstream, you have to deal with them.

Deb Shinder (a Microsoft MVP, at least for now) wrote up her top 10 gripes about Microsoft. I agree with some more than others, but one line in there caught my attention:

Lately the company seems to be listening too closely to the open sourcerers. Theyre trying to make Windows more like *NIX - not just in good ways (such as more security) but in all ways, such as making new products command-line oriented. The biggest complaint I hear about Exchange 2007 is that many of the tasks that used to be easily accomplished in the GUI now require you to go to the command line. The original point of Windows was that it provided a graphical interface. Most of the people who buy Windows do it because they dont want to deal with all that command line stuff. Sure, throw in command line support for us geeks, but give it to us in addition to the rich GUI, not in place of it.

/zimages/1/28571.gifMicrosoft has released a feature-complete, third beta of their Longhorn server operating system, with the ability to simplify administration tasks via improved event logging, task scheduling, enhanced remote management and the scripting capabilities of Windows PowerShell. Click here to read more.

I think Debs a bit extreme here, especially with the "open sourcerers" crack, but shes got a point. On the server end, Microsoft is trying to make its products more UNIX-ish. This is both good and bad, and the company is going about it in its usual idiosyncratic way.

eWEEKs Jason Brooks recently pointed out some of these, also expressing disappointment with Microsoft along the way. Jason mixes a few related Longhorn topics together, principally virtualization and what is called "Longhorn Core"—a feature that is both exciting and sorely disappointing. For Jason, Microsoft isnt UNIX-ish enough.

Longhorn Core is a special edition of Longhorn stripped down to a minimum of components necessary for a selected set of server roles. Of course, Linux has always been far more modular than Windows and has always had the ability to let the admin pick and choose what was in the installation. Ive worked on some very small Linux installations that had just a few commands available to them.

A Windows Server like that would greatly improve security for reasons which are part of the official security religion at Microsoft: decreasing the attack surface. The less complex an installation is, the less chance that some stupid, unnecessary component (such as animated cursors) could be used to compromise it.

Longhorn Core takes this approach, but the usefulness of it is greatly limited by the limited modularity of Windows. The first role I thought of for it was a Web server. To follow Jasons example, multiple virtual stripped-down Longhorn Web servers running on one box would be wildly popular in certain markets such as hosting. But IIS has some component dependencies that required the .NET Framework, as does PowerShell, and Microsoft didnt want to put the whole .NET Framework on Core. Look for a more modular .NET Framework in the future to make these things possible.

This is disappointing, but I dont think the issue is so much making Windows more like Linux. In fact, Deb Shinder has a point that its easy to go too far with that. Microsoft needs to make Windows better and more secure, which doesnt necessarily mean that a Linux model to follow. "Better" and "more secure" mean different things to different people.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.

/zimages/1/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

More from Larry Seltzer