very interesting article, a few quotes:
Another of his themes was MinWin, a lightweight version of Windows whose purpose has sparked speculation. MinWin exists, he said, and contains the minimum necessary to boot and access the network: kernel, file system driver, device drivers, services and TCP/IP stack. It amounts to around 150 binaries, and requires 25MB disk space and 40MB RAM.MinWin is handy for setup and system recovery, but its real purpose is to introduce what he calls “architectural layering” to Windows. Microsoft needs small footprint versions of Windows, both for embedded use and for the GUI-free Server Core edition. The problem is that the operating system is full of internal dependencies, and as Russinovich admitted: “We don’t really understand those dependencies”. ??? ??? ??? ;D
Engineers have added features to low-level APIs that assume the presence of dynamic link libraries (DLLs) that belong with higher level APIs, and when you try to extract just those low-level components, they break. MinWin is a first step in making Windows layered, maintainable and understandable.
Russinovich also spoke about the contentious User Account Control (UAC), which prompts the user to approve actions that should require administrative rights. "UAC is not an anti-malware solution," he said. "If you think you are safe from malware because you are in one of those prompting modes, you're wrong. If malware gets on your box, and you are admin, you must assume that malware will gain admin rights."Proving the point, he showed how a genuine, signed Microsoft executable might load a malicious process, invisible to the user. So what is the point of UAC? “It is about one thing, which is about getting you guys to write your code so that it runs well as standard user.”