"Two Worlds" — Windows vs Linux, Versions & Licensing
Meridian Dynamics runs Windows workstations and Linux servers side by side. Priya needs you to understand both worlds and why they coexist.
The Windows Evolution: From DOS to Windows 11
Windows did not arrive fully formed. It evolved through decades of failures, rewrites, and hard lessons. Understanding that history is essential because many of the design decisions still in Windows today — good and bad — trace directly back to those eras.
The DOS Era (1981–1995): MS-DOS was a simple, single-tasking, command-line operating system. It had no built-in memory protection, no multi-user support, and no real security model. Programs had full access to all memory and all hardware. When Microsoft released Windows 1.0 through 3.11, these were not true operating systems — they were graphical shells running on top of DOS. If a program crashed, it often took the entire system with it.
The 9x Era (1995–2001): Windows 95, 98, and ME added a GUI, plug-and-play hardware support, and the Start menu. But underneath, they still relied on DOS and 16-bit code. Memory protection was minimal: a badly written screensaver could corrupt another program's memory, and a single misbehaving application could freeze the entire machine. These systems used cooperative multitasking, meaning each program had to voluntarily yield CPU time. If one program hung, everything stopped.
The NT Revolution (1993–present): While the consumer line limped along with DOS underpinnings, Microsoft was building something completely different in parallel. Dave Cutler, a legendary engineer recruited from DEC (where he built the VMS operating system), designed Windows NT from scratch. NT stands for "New Technology," and it introduced everything that makes modern Windows stable and secure:
- Protected Memory — Each process gets its own virtual address space. Process A cannot read or write Process B's memory. If a program crashes, only that process dies; the rest of the system keeps running.
- Preemptive Multitasking — The OS forcibly takes CPU time away from programs at regular intervals. No program can hog the processor and freeze the system. The scheduler decides who runs, not the applications.
- Security Subsystem — NT introduced access tokens, Security Identifiers (SIDs), Access Control Lists (ACLs), and the Security Reference Monitor. Every object (file, process, registry key) has an owner and permissions. Every access is checked.
- Hardware Abstraction Layer (HAL) — A thin layer that abstracts hardware differences so the same kernel can run on different CPU architectures and hardware platforms without modification.
Starting with Windows XP (2001), Microsoft unified the consumer and enterprise lines. XP ran the NT kernel underneath its consumer-friendly interface. Every version of Windows since then — Vista, 7, 8, 10, 11 — is built on the NT kernel. When you hear "Windows 10 version 10.0.19045," that "10.0" is the NT version number, a direct descendant of NT 3.1 released in 1993.
Windows Versions: A Comparison
| Version | Year | Kernel | Key Feature | Security Model |
|---|---|---|---|---|
| MS-DOS / Win 3.1 | 1981–1992 | DOS (16-bit) | First PC OS, command-line | None — full hardware access |
| Windows 95/98/ME | 1995–2000 | DOS + 32-bit hybrid | GUI, Start menu, Plug & Play | Minimal — no user isolation |
| Windows NT 3.1/4.0 | 1993–1996 | NT Kernel | Protected memory, NTFS | ACLs, user accounts, domains |
| Windows 2000 | 2000 | NT 5.0 | Active Directory, Group Policy | Kerberos, EFS encryption |
| Windows XP | 2001 | NT 5.1 | NT kernel for consumers, USB | Windows Firewall (SP2) |
| Windows 7 | 2009 | NT 6.1 | UAC refinement, BitLocker | Improved UAC, AppLocker |
| Windows 10 | 2015 | NT 10.0 | Rolling updates, Windows Hello | Credential Guard, Device Guard |
| Windows 11 | 2021 | NT 10.0 | TPM 2.0 required, Secure Boot | VBS, hardware-enforced security |
| Windows Server 2022 | 2021 | NT 10.0 | Secured-core, Azure hybrid | Shielded VMs, AD DS, LAPS |
Server vs Desktop Editions
Windows comes in two broad families: Desktop (Home, Pro, Enterprise) and Server (Standard, Datacenter). They share the same NT kernel, but their features diverge significantly:
| Feature | Desktop (Pro/Enterprise) | Server (Standard/Datacenter) |
|---|---|---|
| Active Directory Domain Services | Can join a domain | Can host a domain controller |
| Hyper-V | Client Hyper-V (limited) | Full Hyper-V with live migration |
| Remote Desktop | 1 concurrent session | Unlimited (with CALs) |
| Group Policy | Receives policies | Creates and distributes policies |
| RSAT Tools | Optional install | Built-in management tools |
| Max RAM | 2 TB (Pro), 6 TB (Enterprise) | 48 TB (Datacenter) |
| IIS Web Server | Limited (10 connections) | Full, production-grade |
| Failover Clustering | Not available | Supported |
| GUI | Always present | Optional (Server Core or Nano) |
Windows Licensing Models
Windows licensing determines how you legally acquire and deploy the operating system. Understanding licensing is critical for IT professionals because using the wrong license type can expose an organization to audit fines and legal liability.
| License Type | Who Uses It | How It Works |
|---|---|---|
| OEM | PC manufacturers (Dell, HP, Lenovo) | Pre-installed on hardware. Tied to that specific machine — cannot transfer to a new PC. Cheapest option. The key is embedded in the BIOS/UEFI firmware. |
| Retail (FPP) | Individual buyers | Purchased in a box or digital download. Can be transferred between machines (one at a time). More expensive than OEM. Comes with Microsoft support. |
| Volume Licensing | Enterprises, schools, government | One agreement covers many machines. Uses a Key Management Service (KMS) server or Multiple Activation Keys (MAK). Allows centralized deployment via SCCM or Intune. This is what Meridian Dynamics uses. |
| Per-Core Licensing | Server environments | Windows Server is licensed per physical CPU core (minimum 16 cores per server). Datacenter edition covers unlimited VMs; Standard covers 2 VMs per license. Ensures you pay based on computing capacity. |
| Client Access License (CAL) | Users/devices connecting to servers | Each user or device that accesses a Windows Server needs a CAL. User CALs follow the person (any device); Device CALs follow the machine (any user). Separate from the server license itself. |
The Other World: Linux
At Meridian Dynamics, the engineering team runs a fleet of Linux servers. Their IoT sensor platform, internal Git repositories, and container infrastructure all run on Ubuntu Server and CentOS. Understanding Linux is not optional in cybersecurity — most servers on the internet run Linux, and most security tools are built for Linux.
Key differences from Windows:
| Aspect | Windows | Linux |
|---|---|---|
| Source Code | Proprietary (closed source) | Open source (anyone can read, modify, distribute) |
| Kernel | NT hybrid kernel | Monolithic kernel (all core services in one binary) |
| Cost | Paid license (OEM, Retail, Volume) | Free (most distributions) |
| File System | NTFS, ReFS | ext4, XFS, Btrfs |
| Directory Structure | C:\Windows, C:\Users, drive letters | / (root), /home, /etc, /var — no drive letters |
| Permissions | ACLs (Access Control Lists) | chmod (rwx), chown (owner/group), POSIX ACLs |
| User Model | Administrator / Standard User | root (superuser) / regular users, sudo for elevation |
| Shell | cmd.exe, PowerShell | bash, zsh, fish |
| Package Management | MSI, MSIX, Windows Store | apt, yum/dnf, pacman |
| Enterprise Management | Active Directory, Group Policy, Intune | Ansible, Puppet, Chef, LDAP |
Linux uses a simple but powerful permission model. Every file has three permission sets: Owner, Group, and Others. Each set has three flags: r (read), w (write), x (execute).
chmod 755 script.sh means: Owner can read/write/execute (7=rwx), Group can read/execute (5=r-x), Others can read/execute (5=r-x).
chown priya:engineering report.txt changes the file owner to "priya" and the group to "engineering".
This is simpler than Windows ACLs but covers most use cases. For complex scenarios, Linux supports POSIX ACLs (similar to Windows) via setfacl and getfacl.
Why Cybersecurity Needs Both Worlds
The cybersecurity industry lives in both worlds simultaneously. Here is why:
Windows dominates the enterprise desktop. Over 70% of corporate workstations run Windows. Active Directory manages user identities, Group Policy enforces security configurations, and most business applications (Microsoft Office, ERP systems, custom line-of-business apps) are Windows-native. If you are defending a corporate network, you are defending Windows.
Linux dominates servers and security tools. The majority of web servers, cloud instances, and container hosts run Linux. Most cybersecurity tools — Nmap, Wireshark, Metasploit, Burp Suite, Volatility — were built on Linux first. Kali Linux, the most popular penetration testing distribution, is a specialized Linux system. Even Windows now includes the Windows Subsystem for Linux (WSL), letting you run a full Linux environment inside Windows.
Side-by-Side: Windows NT Architecture
Click any layer to explore its role in the NT architecture. Notice how the NT kernel introduced strict separation between user mode and kernel mode — the design that made Windows stable enough for enterprise use.
📅 Windows vs Linux: Architecture Comparison
📅 Windows Version Timeline
X-Ray Mode: 9x vs NT — What Happens When an App Crashes?
This simulation demonstrates the fundamental difference between Windows 9x and Windows NT. Watch what happens when an application crashes in each environment. This is why the NT kernel won.
Observation Lab: Comparing Two Worlds
slmgr /dli to check the Windows license status. What type of license does Meridian use? Is the system activated?Get-ComputerInfo | Select-Object WindowsProductName, WindowsVersion in PowerShell to get version info. What Windows edition and version are installed?wmic os get Caption, Version, BuildNumber to get OS info using the classic WMI command. Compare the output with the PowerShell command.systeminfo | findstr /C:"OS" to filter system info for OS-related lines. This shows you how to chain commands with pipes in Windows.powershell to see PowerShell switch and then try cmd to confirm you are in the Command Prompt. Notice how Windows offers two different shells.help to see all available commands in this lab terminal.