More facts and less hysteria on Vista, please!

In the latest round of hysteria to be written about Windows Vista, Don Reisinger regurgitates the usual hysteria about Windows Vista mixed in with a pinch of facts here and there.  Don spouts off the usual nonsense about sales, UAC, and even DRM.

In the latest round of hysteria to be written about Windows Vista, Don Reisinger regurgitates the usual hysteria about Windows Vista mixed in with a pinch of facts here and there.  Don spouts off the usual nonsense about sales, UAC, and even DRM.  Despite the fact that bashing Vista is quite the popular sport these days, I'm going to see if I can set him straight with an honest and factual assessment of Windows Vista.

Are Vista sales really poor? Everyone knows that Windows Vista retail box sales are poor, but does that matter when Microsoft relies overwhelmingly on sales to OEM PC makers?  If you focus only on the retail box sales, you're missing the real picture because Vista has sold more than 60 million licenses and ~78% of those sales are Vista Premium edition.  Don complains about Windows Vista Ultimate edition and I actually agree with him that it's overpriced and under delivers but Microsoft doesn't need to "save itself" if Vista Ultimate fails, more like an "oh well".

Does it matter if a few people revert to XP? Even if a whopping 20% of computer buyers downgrade and revert to Windows XP for whatever reason, that still leaves 80% who stay with Windows Vista.  That means hardware makers and ISVs (Independent Software Vendors) have to deal with Windows Vista now or later whether they like it or not if they want to stay in business.  The fact that 60 million copies were sold in the first 6 months since launch pretty much confirms Vista will become the dominant OS by default.

How about Vista drivers? There are no questions about it, a fair number of Vista drivers during the first 2 months stunk badly.  Vista implements a brand new driver model which offers a little more separation between the driver and the kernel so that a bad driver is less likely to crash the entire system.  The price for this is that there is a brand new learning curve and it took a few months for the hardware companies to get it right.  For the most part, everything is working well but there are still some older devices that don't have drivers and will never get drivers for Windows Vista and much of that is because the hardware vendors want you to buy new hardware.

Is it fair to expect a hardware company to write drivers for a 3+ year old device? Probably not.  Is it fair to expect users to buy new hardware because they can't get Vista drivers for a one year old device? Definitely no!  Reputable hardware companies that want to keep customer loyalty will go back as far as they can to create drivers for older hardware.  Was it Microsoft's fault that the drivers didn't work well at first?  Technically no but that isn't going to matter to consumers and they'll take their anger out on Microsoft and the hardware maker.  Fortunately, the driver situation has stabilized but it's always good to check for drivers before you upgrade a computer to Vista and before you buy a piece of hardware.

How about application compatibility in Windows Vista? There's no question about it, applications will break in Vista and it's probably the #1 reason some people are reverting back to Windows XP.  This is primarily due to the fact that many applications never followed Windows development guidelines set since 2000.  One of the worst offenders is Intuit which refused to properly write QuickBooks right up to the 2006 version.  Intuit never followed Windows development guidelines that have existed since Windows 2000 and XP for Windows logo certification and they - like many other software makers - used Vista as an opportunity to sell a new version of QuickBooks 2007.  If you bought QuickBooks 2006 or earlier, you were out of luck and it wouldn't run on your new computer and you had to buy QuickBooks 2007.

Microsoft asked developers for 7 years to clean up their act but drew the line in the sand with Windows Vista which comes with UAC (User Access Control) on by default.  That finally forced vendors like Intuit to properly code their application and not violate security best practices.  If UAC does nothing else and even if people turn it off, it has had the desired effect of cleaning up the Windows development community.

Vista and Internet Explorer 7 also breaks a lot of applications in the name of drawing a line in the sand for security.  Microsoft will get criticized for not getting rid of things like Active X but they'll also get criticized for breaking dangerous coding techniques and the vast majority of Active X controls have been disabled in Windows Vista by default.  There are still plenty of web applications that don't work inside Windows Vista and Internet Explorer 7 and vendors like Kodak will try to drag their feet but they will have to deal with it sooner or later unless they want to alienate the 60 million (since summer) and growing Vista user base.  My colleague David Berlind questions why Microsoft needs to break so many legacy applications and the answer is security.  It's a known fact that until something is hard broken, no one will change anything.  Is this going to be painful?  Certainly.  But it has to be done if we want a more secure computing environment.

<Next page - Vista Upgrades, DRM, and bogus comparisons>

Vista Upgrades, DRM, and bogus comparisons

Should you upgrade an old computer to Vista? I would have to say no 99% of the time.  Windows XP (a year 2001 OS) contrary to popular myth is actually very resource friendly compared to most other commercial desktop operating systems.  Most Desktop Linux distributions require a lot more resources than Windows XP and boot much slower.  Vista requires substantially more hardware resources compared to XP and a little more resources compared to a full featured Linux distribution but any new PC for as little as $200 can run Vista perfectly fine.

Vista does boot slower than Windows XP but every new PC with Vista I've built and tested boot Vista in 30 seconds (not including BIOS post) while XP will boot in 15 seconds (not including BIOS post).  While I'm disappointed that Microsoft didn't keep their promise to reduce boot times over XP, it is still substantially faster than most Linux distributions.  Microsoft will actually continue to sell XP for the emerging markets where hardware isn't up to the level of new computers and they continue to sell it for embedded devices.

On the whole, Vista is a bit on the bloated side for my taste compared to Windows XP and Microsoft should do something to streamline Vista and make it run smoother.  Windows Vista SP1 seems to be on track to do some of this but Microsoft really needs to do more.  This is why I tell people never to upgrade an older PC unless they're sure it's powerful enough and it has all the drivers available.  The poor retail box sales of Vista pretty much prove this assessment is universal but it doesn't change the fact that almost every new retail PC ships with Windows Vista and the vast majority of them will stay Vista.

Does DRM really limit Vista users? Don Reisinger says you can't back up your movies in Windows Vista but that flies in the face of reality.  Vista lets you playback DVDs and every other video format in the world with the right codec packs such as K-Lite and I've had zero problems backing up my DVDs using the exact same software I used in Windows XP.  Does Don expect DVD ripping software to come out of the box in Vista so they can get their DVD playback license revoked?  Windows Vista is the only OS (Operating System) that lets you play back commercial Blu-ray and HD DVD movies.  Blu-ray and HD DVDs use AACS which has a "managed copy" provision to allow you to backup your movies.  Then there those rumors that Vista DRM steals CPU cycles and makes your computer really slow but I debunked that here and here.  Fellow blogger Ed Bott does a wonderful job at dismantling all those DRM rumors here, here, and here.

Is Windows Vista like Windows ME? There are quite a few people making the comparison between Windows Vista and Windows ME (Millennium Edition) but those people clearly do not understand history or the present.  Windows ME was the last gasp of air for the Windows 95 code-base which ran parallel to Windows NT which includes NT 3.x, NT 4.0, Windows 2000 (NT 5.0), Windows XP (NT 5.1), and Windows Vista (NT 6.0).  Windows ME was shipped after Windows 2000 which was the direction Microsoft was going all along and ME was dead before it even hit the retail shelves. Windows Vista is the natural successor in the Windows NT family and it has no alternative Microsoft OS to compete with.

Windows 9x code-base needed to die because it fragmented Windows in to two distinct kernels that needed completely different drivers and Windows 9x monopolized most of the driver development and Windows 2000 suffered.  When Windows XP came out, it was marketed as a natural successor to Windows 98 and ME and even the "WinNT" folder name was changed to "Windows".  Windows 9x wasn't even a real multi-user Operating System and Microsoft had to thread the needle to kill off the Windows 9x code-base with Windows XP.  Windows XP unified driver and application development and it moved the mass market in to the NT kernel.  The price Microsoft paid for easing in the Windows 9x user base is that they couldn't enforce standard user restrictions and it allowed users to become their own worst enemy in security, and Windows Vista is now trying to address that problem.

<Next page - A factual assessment of Vista UAC>

A factual assessment of Vista UAC

Getting beyond the FUD on Vista UAC Windows Vista users know that the dreaded UAC prompt that asks you if you want to give an application access to your system files.  Don Reisinger says this was "copied" from Mac OS X and he says that he uses both Vista and Mac OS X.  This claim makes absolutely no sense to me since Mac OS X handles privilege escalation much differently than Windows Vista.  Mac OS X requires you to type in the administrator's password while Microsoft decided based on usability studies that this wouldn't be acceptable so they only make the user click "continue" or "cancel" if they get a UAC prompt.  So in that sense, UAC is actually easier to elevate privileges than Mac OS X password prompt.

Of course I always find it funny when people who don't use Vista claim that the UAC prompt comes up constantly for no reason just because they saw an Apple TV commercial or read it somewhere on the Internet.  But the truth is that UAC only comes up when your application tries to access low-level system calls or make changes to system files such as an application installation or if you try to change system settings.  If you're using your web browser, running MS Office, Photoshop, Skype, Messenger, or any other commercial application that was written correctly within Windows Logo guidelines, you will never see a UAC prompt.  Heck you can even turn Vista UAC off if it bothers you that much.

The problems with Vista UAC The problem with Vista UAC is that when it does prompt you, you sometimes get a series of non-UAC prompts on top of it and that gets annoying.  Sometimes it's the "Attachment Execution Service" (which came from Windows XP SP2) that kicks in an extra prompt or it's the "are you sure you want to delete this file" prompt.  This contributes to dialog box fatigue and verifies people's perceptions that Vista and "UAC" is annoying and painful.  UAC in essence becomes the dialog box that breaks the camel's back when it's put on top of all the legacy stuff and Microsoft needs to address it.

I've been a long time proponent of giving a free pass on UAC for installation programs that have been digitally signed and verified by a trusted entity.  I even asked Microsoft's (former) Co-President Jim Allchin in person the day before WinHEC 2006 why we couldn't get a way for a standard user to install signed software from known reputable entities without the UAC escalation prompt.  If a user is trying to install something from Adobe such as Flash, do they really need to be prompted if it's ok to modify the system?  Does a user really need to be prompted with a security warning when they're installing a digitally signed and verified Microsoft patch?

With all the other nagging prompts like Attachment Execution Service and UAC popping off warnings every time a user tries to install an application, Microsoft runs the risk of conditioning the user to blindly click "continue".  Why not save the warning prompts for unknown software instead of popping off nine out of ten false alarms?  This would actually improve security because users will actually be alarmed to see the UAC prompt instead of getting numbed by it.  I'm not suggesting that normal applications during routine runtime be permitted to bypass UAC, just application installers.  Microsoft already permits device drivers to install for standard users with zero administrative privileges and modify the kernel if they're digitally signed by a trusted entity.

The last thing that needs to be reevaluated is the UAC Secure Desktop.  Secure Desktop is that mechanism that dims your entire Desktop so that it can take the UAC prompt in to a totally isolated environment.  From a security standpoint its absolutely wonderful; I'm just not so sure it's worth the pain.  I know it's more secure and it makes it harder for potential Malware to manipulate the UAC elevation prompt, but there is a heavy performance penalty that delays the rendering of the UAC prompt.  I've actually shut it off on my computer since I do a lot of administrative tasks and I leave UAC turned on.  I won't go as far to say that I'd recommend turning this feature off, but the delays introduced by this feature needs to go.

If Microsoft can consolidate some of these warning prompts, get rid of some others, and skip the UAC prompts for trusted application installers, they can go a long way to easing the real and perceived pain of Windows Vista.

<Return to top>

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All