[asveikau]

It's great investigative work into Windows binaries, and I hope it gets addressed for the sake of people's disk space, but I think the tone is too harsh and overstated.

Example: He cites effects on startup time - but has he considered the existence of virtual memory? When explorer.exe loads and maps the bloat into address space, it doesn't need it in RAM until the first page fault accessing it which likely will not even happen.

[codys]

So that is true as long as all the bloat is contiguous. If it is spread out throughout the file (in such a way that bloat doesn't fill an entire page) it will still end up loaded. Or even if it is "unused", that doesn't mean something isn't scanning over it byte-by-byte.

In the happy case, yes, virtual memory will save us. But there are a lot of ways we could still end up loading the junk into ram.

Also, there are potential runtime costs to it being larger just on disk (need to seek over it, etc).

[withinrafael]

Most binaries in Windows are signed. This requires the loader to load each PE section, hash, do some number crunching, and compare the result -- which results in the entire file being loaded into memory before execution. This involves (potentially random?) disk I/O, which can be surprisingly slow on certain platforms (e.g. Xbox One, HoloLens, anything IoT, anything with eMMC).

[asveikau]

Fair point. Another reason code signing is stupid.