Once upon a time, operating systems managed the resources of computers, and that was about it. But after the PC revolution, most software makers started subscribing to the theory that bigger means better. But does it?

Historically speaking, software vendors generally designed operating systems to manage the resources of computer systems rather than providing helpful end-user tools -- at least in the beginning. Operating systems of the past didn't come bundled with a lot of end-user functionality.

In the past, computers typically had very specialised uses -- software makers didn't design computers for use by the general population. That, of course, was prior to the advent of personal computing, a revolution that sought to make computers accessible by the masses for whatever they wanted to do.

Once people had access to computing on their own terms, the idea of generalised computing took hold. Operating systems of the past with command-line interfaces began to give way to point-and-click graphical user interfaces. In addition, vendors kept piling more and more features into their operating systems. But exactly what functions should an operating system provide?

If you remember working with older operating systems, such as CP/M, MS-DOS, and PC-DOS, you know how different applications once were. With the notable exception of MacOS, software vendors simply layered early personal computer graphical interfaces onto the underlying operating system.

In fact, Microsoft just layered early Windows versions on top of MS-DOS, and even OS/2 was more of a "command-line" operating system with a layered GUI. And let's not forget X-Windows, which remains layered on top of the operating system rather than being a part of it. Microsoft decided to change tactics beginning with Windows NT, and it began featuring an "out-of-the-box" GUI.

But it's important to remember that Windows is more than just an operating system -- it's a complete environment bundled with a variety of general-purpose software and features. And it's these other "features" -- not the core functions of the Windows operating system -- that generally make Windows insecure.

While it's generally true that separating the OS functions from the GUI and applications doesn't inherently affect Internet security, it actually does in the case of Windows. Out of the box, most Windows systems are vulnerable to a variety of Internet security risks -- due primarily to the applications and functionality bundled and buried within Windows rather than the core OS itself.

For example, how many home computer users really need to have NetBIOS enabled by default and accessible over TCP/IP? (Not that many.) However, Microsoft decided to enable NetBIOS by default, leaving millions of computers at risk to well-reported worms and Trojans. And that's just one of many specific examples of enabling unnecessary features, which most users never even know are there.

More than 10 years ago, I wrote about the dangers of including too much functionality in the Windows 95 operating system. Part of my apprehension was due to the danger of Microsoft's software bundling shutting out independent software, a concern that wound up becoming true.

However, an even greater concern was the blurring of the distinction between features that an OS needs to provide and the additional components and applications that users choose themselves. Windows enables vulnerable features without the knowledge or direct control of the typical end user, and typical end users don't know how to protect themselves from such risks.

Making computers easier for people to use does not include enabling features that make a computer vulnerable the moment it connects to the Internet. For my money, I'd like nothing more than to see a "cafeteria" version of Windows. Such a version would be something that gets the computer going with only the bare essentials required to start Windows -- and that allows me to choose everything else in detail.

Had Microsoft created such a Windows version 10 years ago, we wouldn't have the problems with Internet security that we have today. Microsoft is capable of producing such an OS, and it knows it -- yet it continues to fight a losing battle.

If Microsoft really wants the freedom to innovate and provide users with more choices, then it needs to go back to the basics with Windows. If I don't want Internet Explorer on my system, that should be my choice; if I want to use a different program to play media files, that should be my choice.

Microsoft continues to spend more time and more money fixing problems in applications bundled with Windows than it should. Putting too much functionality into Windows was a mistake, and everyone knows it -- and it's time Microsoft accepted it.

TechRepublic is the online community and information resource for all IT professionals, from support staff to executives. We offer in-depth technical articles written for IT professionals by IT professionals. In addition to articles on everything from Windows to e-mail to firewalls, we offer IT industry analysis, downloads, management tips, discussion forums, and e-newsletters.

©2005 TechRepublic, Inc.