Comment by cjblomqvist

Probably because Explorer hosts shell hooks which can potentially execute arbitrary code.

Just one example: File icons or thumbnails can be dynamically generated by shell extensions based on the file contents. A maliciously crafted file could potentially exploit a vulnerability in such a shell extension.

> For the life of me I cannot understand why Defender blocks Explorer.

I suppose if you wanted to find out, you could use dtrace/ETW.

Explorer has other things going on, though, including other apps that hook into it (shell extensions, like Adobe Reader, TortiseGit/SVN, and so on) which can certainly cause performance issues.

File system filter drives apply to all (RW) file systems on Windows. It's not exclusive to NTFS or ReFS.

Windows has an extensible model. It's a different approach from most (all?) other OSes. It offers a different set of features.

Sure, AV could perhaps be done in a different manner that would be more effective/faster, I can't comment on that as I lack the insight required -- only MSFTies that work on kernel code could respond in any authoritative way.

The MFT describes resident (in-MFT) metadata about files, or non-resident (external to the MFT, but the MFT has a pointer) if the metadata does not fit within the MFT. The MFT itself is a database; Windows makes use of file system caching, be it in-memory or another caching mechanism, like on-device disk cache.

> Turns out there was zero difference, or negligible (Windows won), between compilation times.

I think there was something seriously flawed in your test. If you Google for a minute, you find multiple posts on how moving the same builds to Linux led to performance improvements in the range of 40% drops in build times.

Some anecdotes even compare doing the same builds in Ubunto with NTFS to see double-digit gains.

NTFS is notoriously awful in scenarios involving reading/writing many small projects. This is the bottleneck in Windows builds. There is a myriad of benchmarks documenting this problem.

Nowadays there are plenty of cross-platform projects to serve as benchmarks. Checking this can be as easy as checking out a project, start a full rebuild, and check how long it takes.

For the most part the two are pretty equivalent in performance, it's particularly constant blocking on small file IO where Windows falls way behind. Also a bit in the "tons of cores" and "tons of networking" categories but not as nearly as bad as small file IO.

Love that your boss was open to the idea but also wanted data to back it up. (imagine a slow clap)

You can't have windows laptop without running a ton of Antivirus and other crapware .e.g MS store, HP/Dell diagnostics and MS Teams. If you factor that in, Linux will win everytime.

Were all your tests pure unit tests? Then sure—the OS isn’t getting in the way (and if your Linux distribution didn’t set the correct cpu scheduler, windows could be faster!)

If, however, your tests make any filesystem calls or fork a child process, there’s slim chances that Linux doesn’t absolutely trounce Windows.

To throw in a morsel of anecdata: same laptop with a dual boot runs the PhotoStructure core test suite (some 11,000 tests which have a pleasing melange of system and integration tests, not just unit tests) in 8m30s on Windows 11. Almost all the same tests complete in 3m30s on Linux.

Seems weird to base the argument on compiler performance alone. I'd think that developer tools will be a much bigger factor for the time difference but that depends on what you are used to.

Anecdotally though, git is unbearably slow under Windows and compiles make all filesystem operations lag while I have never seen such problems under Linux.

Yeah sorry, I left out a lot of details for a quick anecdote. It was Java compilation, so the different JDK's may've made a difference (almost certainly). But I figured the better file system handling etc etc would've gone in favour of Linux, versus Windows.

In any case it wasn't much of a fun codebase. But I think a good lesson was, always test it, always measure. Not casting shade on either OS.

Much of the cost is imposed by semantics and the security model; there's no silver bullet solution that can be imposed without turning it into a different filesystem with different semantics and/or on disk representation.

At one point they planned to replace it with a database filesystem, but that was too complicated and abandoned. That was probably the end of replacement work on NTFS. https://en.wikipedia.org/wiki/WinFS

> Why wouldn't they work on improving NTFS performance instead?

There are other old-school techniques which are far easier to implement and maintain, such as using RAM drives/partitions. Expensing 32GB of RAM is simpler than maintaining weird NTFS configurations.

Splitting your project into submodules/subpackages also helps amortize the impact of long build times. You can run multiple builds in parallel and then have a last build task to aggregate the all. Everyone can live with builds that take 5 minutes instead of 3.

Even Microsoft doesn't touch NTFS code (if they haven't lost it). All new file system features like new compression methods are implemented on layers above ntfs.

Because likely they aren’t a. allowed to, and/or b. have no file system code experience or understanding.

Not excluded, but the scanning in a dev drive is asynchronous rather than synchronous.