Putting Vista under the microscope - part one

New OS put under the microscope

Vista development, which started with the Windows Server 2003 core, which in turn started with the Windows XP SP2 core, is in the same league with Microsoft’s Windows 95 effort, and not far behind the gargantuan Windows NT undertaking. Whether you love Windows or not, whether you believe in Microsoft’s ability to innovate or not, you can’t fault the software giant’s R&D efforts with Windows.

The question is, what does all that work mean to you and to businesses the world over? What are the benefits? What are the downsides?

There can be no doubt there are pluses and minuses to Vista, from easier installation and management to aggressive antipiracy features, from advanced video 3D graphics to a notable bump-up in the video hardware requirements, from hundreds of security improvements to the frustrating User Account Control user experience.

Visual presentation

A whole crop of software reviewers has entirely missed the point about Vista’s new Aero interface and Windows Presentation Foundation (or WPF, aka. “Avalon”) graphics subsystem.

Aero has often been dismissed as so much eye candy, as frivolously non-functional adornment, as pretty things to dress up the user interface. The same people who rant endlessly about whether the graphical menu should move vertically or horizontally are the ones who dismiss the power Avalon represents to transform Windows applications of the future. It’s not about what Microsoft is doing with the Vista interface, it’s about what all that power in the hands of application designers and developers could mean with your software.

The Aero interface, and the application user interfaces that take full advantage of WPF in the future, can take advantage of these graphical effects: 2D, 3D, effortless scaling, vector-based text and shape rendering and motion, transparency, blurring, shadows in motion, object movements and a lot more. Put in simpler terms, Microsoft is borrowing heavily on the graphics horsepower previously only found on high-end gaming machines and enabling it as part of the operating system’s core.

To go along with internal support for full-fledged 3D, WPF also supports a new extensible application markup language, XAML, that should make it much easier for application designers to try out and create user interfaces for their applications that tie in with the programmatic functionality being created by their programmers. Make no mistake, Windows Presentation Foundation is a powerful reason to prefer Vista.

Live thumbnails, Flip, and Flip 3D

The Windows taskbar is still one of the best user interface tools that Microsoft has ever devised, Windows 95’s great window-management improvement. It places buttons on the taskbar for every application, folder, or other object you have open. The problem with the taskbar is that it’s easy to forget what’s in the windows, so it’s hard to find the ones you want. But Vista has solved that problem with live thumbnails — pop-up thumbnail tiles that show the contents of the window. To make them appear, you hover the mouse pointer over the taskbar button.

Flip is an upgraded version of the Alt-Tab Task Switcher from earlier versions of Windows. Alt-Tab gives you a palette of all open programs — you hold down the Alt key and cycle through those programs with the Tab key. The one that’s selected when you let go of the Alt key will then open up front and centre on your screen. What’s different is that instead of names of programs with static icons, Flip uses the live thumbnails for those programs, which makes it a good deal easier to find what you want.

Flip 3D provides a 3D rendering of all your open windows. It lines them up in order, showing them from at a one-quarter angle, and marches them in procession. Flip 3D uses the Windows key and the Tab button, and it activates the window on top when you let go of the Windows key. Microsoft has added the “Switch between windows” icon on the Quick Launch menu, which lets you activate Flip 3D entirely by mouse. You can even use the scroll wheel to cycle forward or back through the windows.

Windows Calendar

This may be the best new application that ships with Windows Vista. It’s remarkably easy to use, yet offers surprisingly advanced features, including the ability to send out invitations to meetings directly from within the program, set reminders, create to-dos, and other nice-to-haves. You can create group calendars to share with others who use the same computer, and you can publish your calendar on the web as well. Best of all, it’s compatible with iCalendar, the main group calendar standard. So when you send or receive invitations, you can automatically sync your calendar with others, and you can subscribe to calendars posted on the web.

Backup and Restore Centre

Remember the old backup program in XP? It was universally reviled, for good reason. You couldn’t do something as simple as backing up to a network folder or a CD drive.

Well, the backup program built into Windows Vista will make you nostalgic for XP-based backup. If you want to back up data in Windows Vista, you’ll be looking for a third-party program.

We won’t go into all the gory details, but here’s the ugly synopsis: You can’t back up individual files ... or individual folders or even individual file types with Backup and Restore Centre. If you want to back up, say, 40 or 50 megabytes of .doc files, .jpg files, and .zip files, you can’t do that. Instead, you have to back up every single data file, every single graphics file, and every single compressed file on your entire hard disk — and that includes the files that make up Windows. So you’ll have to back up several hundred megabytes of files you will never use and never want to back up.

Windows Meeting Space

Looking for a good way to hold virtual meetings over a network, so that you can share documents with others, view everyone’s mark-ups, and chat and talk while you’re all in different locations?

Then don’t look to Windows Meeting Space.

This application is supposed to let people create ad hoc virtual meetings over a network, including those at wi-fi hot spots. But it lacks so many basic features that it’s hard to imagine anyone using it. There’s no common whiteboard, no built-in VoIP feature, and its chat module is pretty much worthless. What’s the point, you might ask? We do, too.

Internet Explorer security

Internet Explorer has long been a hackers’ favourite target, and in Windows Vista, Microsoft has built in a variety of protections to help keep IE, as well as your computer, safe.

First and foremost is Protected Mode, which shields the operating system from actions taken by Internet Explorer or any Internet Explorer add-ins. So even if malware breaks Internet Explorer’s security features, it shouldn’t be able to do harm to your PC, because Protected Mode in essence locks Internet Explorer inside a safe box. Protected Mode isn’t available in IE 7 in Windows XP; it works only in the Windows Vista version.

Internet Explorer in Windows Vista also benefits from the same security features that are built into the Windows XP version. The anti-phishing filter does an excellent job protecting against phishing attacks, and the browser has also cracked down on potentially dangerous ActiveX controls and dangerous add-ins.

Windows Firewall

Those who have been longing for a true firewall for Windows will be pleased to know that Windows Vista includes a two-way firewall. The firewall in Windows XP only blocked dangerous inbound connections, but did not provide any protection for unwanted outbound connections. So if your PC was invaded by a Trojan or spyware, those programs would be allowed to make outbound connections unimpeded. Windows Vista changes that, and the Windows Firewall includes outbound protection as well.

As with Windows XP, you can customise how inbound protection works by opening and closing ports, blocking and unblocking programs, and so on through Windows Firewall Settings, available via Control Panel > Security > Allow a program through Windows Firewall.

But oddly, at first it appears that you can’t do the same for outbound connections. In fact, you can, but you’ll have to do a bit of digging to find out how. You need to run Windows Firewall with Advanced Security. To do it, at a command prompt, type wf.msc and press Enter.

Given that Windows Firewall now has outbound filtering, there’s little reason for most people to need a third-party firewall such as ZoneAlarm.

Windows Defender

The Windows Defender antispyware built into Windows Vista is no different than the one available for free for download for Windows XP, or the one built into Windows Live OneCare. It’s a solid, serviceable antispyware application that includes live protection as well as automated spyware scanning.

The best thing about Windows Defender is that it was purposely designed not to pop up frequently, requiring user decisions. The worst thing about Windows Defender is that compared to products like Webroot’s Spy Sweeper or Safer Networking’s Spybot Search & Destroy, it offers limited protection.

One of Defender’s more useful features is its Software Explorer, which provides help beyond spyware. Software Explorer lets you see programs running on your PC in a variety of categories, including Startup Programs and Currently Running Programs. It provides in-depth information about each program, including its name, executable file, publisher, path, file size, and other information. You can enable, disable or remove any program.

Windows Defender doesn’t give a whole lot of advice in helping you decide which programs you should let run — but on the other hand, if Windows Defender allows a program to run, it considers the program safe. You can always do a Google search to track down any application about which you’re suspicious, and Windows Defender gives you plenty of information about each app, so it should be easy to do a search.

What, no antivirus?

As with past versions of Windows, Windows Vista doesn’t include any anti-virus software. Why? One reason might be anti-trust concerns, particularly in Europe. Including antivirus in the operating system could certainly be construed as anti-competitive, and could embroil Microsoft in lawsuits for years to come. Another potential reason is that Microsoft just happens to sell an anti-virus product of its own bundled into Windows Live OneCare. If antivirus was included in Windows Vista, there’d be little reason for anyone to buy OneCare.

What to do about antivirus? You’ll have to buy or download a third-party program. Not all antivirus software works with Vista yet, and it’s not clear which will work, and which won’t, so this may be problematic for anyone upgrading to Windows Vista. Also not clear is whether the licence you’ve bought for a Windows XP version will be able to be used for the Windows Vista version.

UAC and file permissions

Perhaps the most controversial security feature in Windows Vista is User Account Control (UAC), which seeks your confirmation before it will allow various programs or dialog boxes to open.

The purpose of UAC is to make Windows users — as the last line of defence — aware of potentially dangerous activities that are about to carried out on their computers. The potential threat is that a malware program (or possibly a determined hacker) could be carrying out a scripted set of steps that will lead to a negative event on your computer, such as the loss of data or damage to your Windows installation.

In a nutshell, the question UAC asks is: did you initiate the process that’s attempting to run? When the answer is yes, you click OK or Allow to permit the action. When the answer is no, your prudence in letting UAC block that action could save you from a very bad experience.

UAC is not smart in any way. It doesn’t try to discern something that might actually be a threat. It just throws up a prompt about something that might conceivably be exploited. It also doesn’t ever relax. You could click the System Control Panel (also called Advanced System Settings in some areas of Vista) 75 times in a row, and it would prompt you with the statement “Windows needs your permission to continue” every time. So basically, it adds an extra click to the process of accessing this tool.

There is nothing inherently wrong with this approach, which has been used by other operating systems before. It’s not a new idea, and it’s not a bad idea. But the devil is in the details of how it’s implemented. As a Johnny-come-relatively-lately to the security bandwagon, Microsoft has embraced security principles fervently. What that means is that if there’s even a small chance that opening a settings dialog box, starting up an applet, or running an installation program could present even a slight security risk, Windows Vista is going to prompt you with some sort of UAC dialog box asking for permission to proceed.

This is a short list of just a few of the processes that require confirmation to initiate:

• Opening Disk Defragmenter, System Restore, Task Scheduler or Windows Easy Transfer

• Adjusting font size, connecting to a Network Projector (opens two dialog boxes in succession) or accessing Remote settings

• Opening these control panels: Add Hardware, BitLocker, Device Manager, iSCSI Initiator, Parental Controls, Advanced System Settings, System Protection or Remote Settings.

Additionally, many processes that don’t prompt you at launch, such as Windows Defender, Windows Firewall, Ease of Access, Internet Options and a long list of others, do require your permission for specific settings. Taken one by one, most of the processes that are gated by UAC seem very reasonable. Microsoft rethought a great many restrictions that made little sense between Vista Beta 2 and RC1. But taken as a whole, UAC is going to seem like a burden to many users who are tired of Microsoft and other software makers protecting us from ourselves.

Proponents of UAC claim that after the first several days or weeks after Vista is first installed (or you receive it on a new PC), the experience of constantly being confronted with UAC dialogs slows down. But for some people, UAC numbness creeps in quickly. How long before they stop reading the prompts or considering what they mean and just click OK every time? It can quickly become muscle memory. The average Vista user will have little idea about the rationale behind UAC prompts. To that person, UAC may seem scary at first but quickly became a petty annoyance. How long before people realise they can turn off UAC in the User Account Control Panel?

This is the worst problem about UAC. Has Microsoft over-balanced it, and turned it into something that will actually defeat its purpose? There’s a very real possibility of that.

Finally, although file permissions problems related to UAC have been tweaked since RC2, people who install Vista in a dual-boot arrangement may find that some folders they created on their XP drives may not be accessible from Vista without complex file and folder security-permissions changes.

In particular, if you store user files (such as downloads, programs, or system drivers) in user-created folders hanging off your root directory — instead of placing them somewhere in the Windows-prescribed user folders, like Program Files or My Documents — you could find that the operating system will prevent you from opening files or folders. In the very late pre-release version of Vista tested for this story, the first indication that Microsoft may have reduced this problem was apparent. Because it was a seemingly random problem in earlier builds, it’s tough to say for sure. But hopefully, this problem has been rectified.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags MicrosoftWindows VistaSpecial ID

More about GoogleMicrosoftSafer NetworkingWebrootWindows Live

Show Comments