Retired engineer confesses to role in sliding Microsoft Bob onto millions of XP install CDs

'While Bob never got to play on the big stage, he always followed the band around and got to ride on the bus'


One anniversary unlikely to be marked within the bowels of Redmond is that of Microsoft Bob. However, a retired engineer has taken to YouTube to confirm that the unloved interface did indeed enjoy a second life as digital ballast for Windows XP.

Having spilled the beans on Task Manager back in May, the former Microsoft engineer used his "Dave's Garage" YouTube channel to admit his involvement in the insertion of Microsoft's disastrous early attempts at an assistant in the Windows XP installation CD.

Youtube Video

The story itself has descended into legend over the years. Long-time Microsoft staffer Raymond Chen posted the anecdote several years ago, cruelly remarking that "Bob was actually more useful dead than alive."

Chen explained that around 30MB of dummy data was needed to pad out the CD and the installer configured to check for this ballast. Bob was selected and, to generate an encryption key, the engineer responsible "just smashed his hand haphazardly across the keyboard."

That engineer, it appears, was Dave Plummer.

Plummer confessed to being quite the fan of Bob. After the project's failure, "I did what Microsoft couldn't," he said, and saw to it that the organiser was distributed on hundreds of millions of CDs rather than just the tens of thousands that officially found their way into the hands of users.

As well as the likes of Space Cadet Pinball, Plummer also worked on the first incarnation of Product Activation for Windows: "A necessary evil. Had to be done. Sorry about that."

The team was looking for a way of differentiating the XP install CDs, separating OEM versions from retail ones and so on. Thanks to the limited bandwidth of the day, Plummer just needed to find a way of ensuring those CDs were different by many megabytes of information: some digital ballast that could be encrypted and signed specifically to the CD version. The ballast's signature could then be confirmed to show the user was using the right disk.

"Where to find data that I knew we had a license to and that I trusted to be as precompressed as possible that I could then highly encrypt?" he mused.

Having worked on MS-DOS, Plummer knew that floppy images were as good as it got because, frankly, "floppies cost money." He also had a fondness for Microsoft Bob.

"I grabbed the compressed floppy images for Microsoft Bob and concatenated them into a single large Bob blob. I then encrypted the blob of Bob with several passes of different encryption tools and techniques, including a huge private/public keypair generated by a long sequence of random mouse movements, and so on.

"I did a few other procedures that I felt were important to the process, and out came a giant multi-megabyte blob of Bob that I could effectively treat as a root of trust on the CD. If you had the OEM blob, you could use an OEM license key. If you had a retail blob, you had to use a retail key."

Those hoping that, despite Microsoft's best attempts to kill XP, an army of Bobs might still be unleashed with just a magic password are in for disappointment. The key is multipart, the full password is needed, "and it's been 25 years and I never wrote it down."

Still, while Windows 1.0 may have generated a nostalgic moistened eye or two, rose-tinted spectacles do not improve the view of Microsoft Bob, even at this distance.

All of which makes Plummer's part of the jigsaw all the more sweeter: "What's ultimately important is that while Bob never got to play on the big stage, he always followed the band around and got to ride on the bus." ®

Similar topics


Other stories you might like

Biting the hand that feeds IT © 1998–2021