Vista RC2: More Refined, But Still Not Perfect

jcatcw writes, "Scot Finnie continues his love — hate relationship with Windows Vista. He installed the latest beta, RC2, on three machines. First problem: drivers — too many of them that should be available just aren't. User Access Control remains annoying and Vista's Software Protection Platform puts antipiracy above user security. Software compatibility is still in need even at this late date. However, previous problems with the Media Center were absent." And turnitover writes to point us to PC Mag's RC2 review. Their bottom line is that they expect an RC2+ or even an RC3 before it goes final. Here is PC Mag's slide show.

Update: 10/09 19:33 GMT by kd : michigano writes: "This late in the game and Microsoft has pulled firewire support from their OS! No one knows if its permanent."

RC2 is the first "buggy" version for me

[cojsl]

I have a bench machine that I've tested with Betas1&2 and RC1&2. All except for Beta2 have been pretty bug free, but RC2 fails at the "testing hardware" dialog during install, and after reboot will not give me the Aeroglass option, unlike all previous versions. I'll do some digging later this week to see how to force a re-test of hardware for compatibility, but this was dissapointing after 3 functional previous releases

More refined guys, in SP1 :)

[suv4x4]

No time for more refined. Unfortunately that's it.

It's obvious there's lots of patchwork in it. I browse the control panel and display properties and get the same feeling I have when looking at work I did in the last minute with a glue and duct tape.

IE7 still crashes like mad on Google Maps for some reason, and what's with the single tab display properties? What's the point of a tab bar, when you have always one single tab in it? We'll never know.

My Wacom tablet works terribly with Vista newfound tabletPC intelligence, it keep sassuming clicks I never have done, I had to go and basically disable all smart features and it still is funky (I can barely use a combo box with my Wacom in Vista).

It's apparent they'll be shipping it to the factory in few days either way, so I'm just hoping once they're done, they start working on a SP1 to be done for the January release that will fix all this mess.

Who was expecting "perfect"?

[nine-times]

Let's ignore people's feelings about Microsoft for a second. A hypothetical software developer has made a lot of changes to their operating system, rewriting a lot of internals, and making huge changes to their UI. Who here is expecting that this hypothetical software release will be "perfect" when it goes gold?

At best, even assuming Microsoft is a great software developer, there will be bugs and problems when it goes out the door. I don't believe that should be our question. My questions are, Is it usable? Will it increase my productivity over Windows XP? Does the new UI offer something beyond being "new"? Are there new features that I'll actually want to use?

Or to bang all of those questions into one super question, Are there any reasons why I'll want to upgrade? If I could add a second, it'd be, Are there any reasons why I won't want to upgrade?

But if you tell me that there aren't drivers for everything yet, well of course there aren't because it's not released yet, but there will be drivers for most things soon. If you tell me there's some little bug on your particular machine, that doesn't bother me. Release broadens the diversity of hardware that software is running on, and so even if everything was perfect in the beta stage, there will be some bugs.

Re:Who was expecting "perfect"?

[nine-times]

There is also a new level of stability in Vista. For example the WDDM video drivers are not only User level (for the most part), but you can literally unplug your Video card, the computer will make the plug and play sound and screen will go blank, and then plug in another video card or the same one while the system is running, and Vista will not fail and if needed restart the Video driver or install the new and just keep going. This is something that would have been impossible in previous versions of Windows, and still is impossible in most other consumer OSes.

Is that safe from the hardware side of things? I think I'd be hesitant to pull a PCI card from a live motherboard whether my OS could cope with it or not.

Is this with or without hacked DRM?

[WillAffleckUW]

I was just reading on Gripeline that Microsoft is suing a hacker who has already hacked the DRM components of WinVista.

Inquiring minds with sharpies want to know ...

Microsoft should put UAC password prompts back in.

[Randolpho]

Correct me if I'm wrong, but isn't this the same guy who first bitched about the UAC always asking for passwords to do anything administrative? (read: mimics SU, only more annoyingly) Didn't Microsoft respond by taking the passwords out?

That was a bad move on both parties' account, IMO. There's a /. post still on the main page that shows why an annoying UAC (with password typing required) would be a Good Thing(tm). Where is it.... where is it.... ah!

IE7 Toolbar Mayhem

Who do they expect to buy this?

[ShadowsHawk]

Besides bundled with new systems, who would actually buy Vista? I expect that we will see a slow adoption rate since most users are perfectly content with XP.

Re:Love? Hate? Ignorance?

[rumith]

What matters is ignorance of 90% Windows users. What matters is nobody knows about alternatives, and nobody cares. What matters is that every single one of them who has the money will sooner or later switch to Vista to keep up with the Johns. What matters is that too many people will do what they think every "law obedient, god fearing taxpayer" should - buy Vista, that is. And finally, what matters is that very soon most software vendors, especially bigger ones, will be 'convinced' by Microsoft to develop Vista-only stuff. And so on and so forth...

Re:So which is it?

[Overly+Critical+Guy]

RC isn't a beta; it stands for Release Candidate, the stage after beta, meaning it's been released as a candidate for RTM to fish out any remaining unseen bugs.

The only improvement I've seen in RC2 over the last release is that Vista is no longer randomly blue-screening for me on startup. However, UAC is still INCREDIBLY annoying (you'll see...), it still takes too long to boot compared to the 12 seconds that OS X takes on the same hardware, and none of the sloppy interface issues have been fixed. It's a really inconsistent experience and still gaudy as hell. Some of it honestly looks like an amatueur KDE theme. This is surprising to me, since surely Microsoft can afford high-quality graphic artists. It was a relief to switch over to the Windows Classic theme, although some controls come out even uglier.

All that said, a couple of games that gave me incompatibility warnings in the last release no longer do so. I laughed last night when I discovered that accidentally hitting the Windows key STILL boots you out of a fullscreen game. That thing has to be the most worthless key ever invented. TheInquirer is reporting that Microsoft is telling industry partners that Vista runs games 10-15% slower than XP does. We'll see if that pans out according to benchmarks.

Seriously, they must be joking

[dingen]

Browsing the slideshow, I found this beauty.

Please, somebody pinch me. IE is clogging up 1 GB of memory in the final build of Vista before launch?! Well, it explains the insane sys reqs though.

Re:Seriously, they must be joking

[dr00g911]

I can confirm that a bare metal install of Vista on several 2GB RAM test machines that I have tie up 780mb of RAM without a single app open other than the task manager.

Vista will not be ending up on any of my renderfarm machines for that very reason.

Black box testing won't find most bugs

[garyebickford]

I used to run a "Software Quality Assurance Workshop" at Tektronix - I was an SQA engineer at the time, so I know a little bit about the topic. In researching this subject and also over time since then, I learned some interesting facts, which should be enough to scare the Vista SQA team.

1. There are strong mathematical reasons why it is near-to-impossible to find more than about 20% of the bugs in a system (of any significant size) using black box testing.

I don't recall the proof. As I recall the most important factor is algorithmic complexity - every additional two-way branch doubles the number of possible paths through the control flow. For perspective, a program with just ten branches requires 1024 different tests, for EACH grouping of input data.

Data issues provide more complexity. Heuristics may help discover as many of the pathological cases as possible. For example, every input data element (variable) must be checked at the 'fenceposts' (ends of the range), inside the range, and outside the range. Inside the range, there may be regions or single values that can affect the usage of other variables (e.g., angles might be defined in [0,2Pi] but tan (pi/2) is pathological), so those are another kind of fenceposts that must be discovered and tested for.

(There are many resources online. Wikipedia/Software Quality is a reasonable place to start.

2. Given a 'good quality' development system using techniques such as structured programming, code walkthroughs, manual and automated code analysis, and some other things, about 80% of the bugs will be in the original design document. (Another justification for Extreme Programming?)

Interestingly, something like 50% of these may be arguments regarding usage. "It's not a bug, it's a feature!" is often a valid argument - a 'screwed up menu' for one user may be just perfect for another. Of course, providing options to the user as X11 does, is often itself considered a 'misfeature' for the general public, if not an outright bug.

3. Given the same system, only about 20% of the total resources (time, budget) will be spent in the development phase. As I recall, about 20% -> planning and design phases, 20% to development, 40% during SQA, and the last 20% after release.

4. Again with the same system, the designed, QA'd, tested, and released code will have approximately 1 bug every 200 lines of code (while there are arguments about using Source Lines of Code as a programmer performance metric, it can be more easily justified for this purpose, as we can assume that most languages will have about the same level of ambiguity regarding what is a line of code.) This ratio has been empirically shown to run true across all types of programming, from assembler to 4G database code. I recall reading a couple of years ago that Microsoft admitted a rate of one bug per 80 lines of code, but I don't have a citation, so I can't say for sure.

All modern OS have about the same number of lines (according to the above), using the same metrics - about 30 million. This is apparently true for XP and for various recent distributions of Linux - Redhat, Debian, and others, including the applications that came with the distributions. Therefore, every OS ships to the customer containing something on the order of 150,000 bugs. I once listened to a presentation by the then-head of IBM's OS software support group - I think for OS/360, but it might have been a later product. They released a new version every three months, and customers found another 2000 bugs every time.

A probable advantage of Unix-like systems is the relative independence of different applications and components. Each application presumes less about its environment, and so can be less susceptible to problems caused by interactions within the environment. This helps to break the algori

Re:Black box testing won't find most bugs

[bmajik]

Disclosure: I am an SQA employee at Microsoft, albeit not in the Windows org.

One thing that F/OSS advocates (rightly) point out (everytime there is a windows vs linux security bug count study) is that not all bugs are equal. While defects/KLOC is interesting in a variety of ways, it is not nececssarily a good indicator of how well the software meets the needs of the user(s), and ultimately, how well the software meets the needs of the user(s) is what matters (its what matters to users, and its what matters to developers/vendors)

So to be fair, some of the conceptual test problems you mention (like complete-path coverage, or all edge-case coverage, etc) are not necessarily important test scenarios, especially if those values fall outside of the expected use of the product.

For instance, it may very well be that Vista's IP stack will not allow 2^31 in-flight TCP connections simultaneously. A clever tester might write a test that tries to set this up, only to see it fail.

But a more clever tester wouldn't have bothered, mostly because they know that other issues would prevent 2^31 connections from working long before you got there, and that 2^31 connectinos isn't any kind of customer scenario in the lifecycle of Vista.

This kind of sucks at some level - you want the product to be "intellectually" bug free, i.e. if you konw of a defect, it is satisfying to know that it is going to be fixed. But not all bugs are created equal, and some just don't warrant the effort required to fix them.

In some teams at Microsoft, I'd argue that test tools and test automation are used too heavily, to the detriment of the product's quality. I'm a huge fan of test tools and test automation, but it has to free up tester time so they can actually use the product and find the things that computers can't (yet) find. Exploratory or ad-hoc testing still finds a ton of bugs, and if you're familiar with the art, you know that the "goal" of SQA is not to provide a body of tests for posterity, but to act as a feedback mechanism for developers to stop writing the same kinds of defects they did 12 months ago. Thus, many functional tests have a built-in expiration date, and ultimately, a test most effective if it simulates how the customer is expected to use the product.

Naturally, the rules change depending on the nature of the product - the majority of testing going on for security-sensitive applications is much different than the majority of testing for Office UI localization. In many security-sensitive areas, it is often more important that the product doesn't do what it shouldn't than verifying that it does do what it should, and what constitutes "security sensitive" is changing (mostly expanding) on a daily basis.

So back on topic - one thing we do to try and help with the quality of Vista, inspite of not being able to do theoretically complete test coverage, is extensive customer use. I've been running Vista on my main work machine for months. I'm running it at home on my media center machine. Tens of thousands of MS employees are running Vista (and Office 12). The claim goes - if a cross-section of Microsoft employees can survive their work and home computer usage scenarios, on pre-release builds of Vista, then Vista is generally "ok". We'll find a lot of the issues that customers are likely to run into via extensive real-world usage of the product.

Additionally, Vista has been deployed by real customers doing real work at multiple customer sites. And this is how it is with most MS products now. Any version of SQL server, Visual Studio, the .NET Framework - all had real companies "go live" on pre-release versions of those products, with the developers and testers from MS working directly with those companies on issues as they arose. The companies get a head start on using newer stuff (to solve real problems they're having) and we get incredible real-world feedback on the product.

I don't want to shrink the amount of effort we put into forma

Re:Yup

[Kineel]

First off, you cannot just 'run Vista with administrative privleges.' That doesn't work around the problem. What you CAN do is turn off UAC, which is done in the most stupid way possible. You turn off the option and then you must (wait for it) REBOOT VISTA. Excuse me? REBOOT? Then why will anyone ever turn UAC back on if they keep having to reboot to use it.

The problem isn't that Microsoft has implemented UAC, it is the horrible way that they did it. You don't enter a password to install new software, you must click on a button that is on a different part of the screen every time it pops up, and it can pop up a lot if you are doing administrative tasks. So most people will simply choose to disable UAC, reboot, and never re-enable it again. That defeats the entire purpose of the feature.

Proper way to do it: When the user needs to perform an administrative task, have them enter a password, then allow ALL administrative tasks performed within the next several minutes without asking. If the time runs out, ask for the password again. This allows people to perform Administrative tasks without constantly having to click on annoying dialog boxes for every step they perform.

For good examples of how to do this properly see Mac OS X or most versions of Linux running a GUI.

Microsoft can't even copy good ideas correctly.

Questions...

[jesterpilot]

* Is it possible now to rename, move or delete a document when it's in use by an application?
* Is disk-defragmentation history?
* Does Vista provide a software manager connected to massive software-libraries on the internet, so we can install and update applications en masse?
* Does Vista have multiple desktops?
* Can we choose between different desktop environments?

Re:Firewire is NOT gone

[Al+Dimond]

Yay. 1394 networking, as Beck might say, makes me wanna smoke crack. At my job I use 1394 for driver debugging; if you boot into 1394-debug mode and 1394 networking comes on it kills your debug connection. So I disable the 1394 network adapter, but every time I move the HD to a different system (very frequently) it becomes re-enabled again (even when I use the same damn 1394 card). So there's always at least one wasted boot, or hangs because a breakpoint is hit after the debug connection has been killed. And I've yet to find a way to disable it entirely across any and all 1394 adapters that might get plugged in. Except, apparently, by moving to Vista.

I'm just amazed that TFA(uthor) misses it. 1394 networking seems to me to be the definition of a solution in search of a problem. When I read in the article that the author had a 1394 network up I did a double-take. I've never even seen hubs or repeaters for 1394, do such things exist?

Re:Microsoft and DRM

[oddfox]

I'll say it again, you have to tell Windows Media Player that you want to encode copy protected WMA files, by default it does not and apparently WMP10 in XP SP2 doesn't even give you the option of encoding to MP3, which WMP11 in Vista does. I was able to successfully do my first rip with WMP10, it defaulted to 128kbps WMA non-protected, and copy the file over to multiple computers here at home and have it play back without issue. I call bullshit on your story about your friend and postulate that he pulled a stupid and enabled settings that were disabled by default. I told WMP10 when it started the rip process to keep the settings that it already had (This is a fresh XP SP2 and I hadn't used WMP10 for anything before since I have WinAMP Pro for audio, Media Player Classic for video, and CDex for ripping).

The DRM-ed music that you get from the various music stores that do use DRM (And there are plenty that don't, they simply don't have the market share from what's already a tiny market) does not in any way enforce DRM on files that you personally create on your computer, they are not viral and they don't force anything other than the installation of the proper utilities that enable playback of the protected media.

Finally, I never said Linux was full of DRM! I said DRM is making its way onto the Linux platform as we speak. Sure you'll be able to work around DRM in Linux, the same way you work around it in Windows, by not using it or purchasing files that are protected. KPDF already has DRM in it, and you can compile it without DRM, I first realized this when I noticed some time ago that KPDF has a nodrm USE flag in Gentoo. Banshee is working on iTMS support (Or at least playback of files obtained through iTMS) which in turn enables DRM support in the program. Linus is perfectly willing to allow DRM mechanisms to function on a Linux system, though he speaks mainly about signing binaries or kernel images. This is a voice of reason that generally is drowned out by the zealotry that can cloud vision. As for GStreamer, it is going to have DRM through other means in the near future and already does through Fluendo.

I see though that you don't even want to bother with understanding that the state of DRM on Linux is the same as it is on Windows, it's there but you're not being force-fed anything unless you happen to procure restricted media from a source of your own choosing. If you don't want to deal with DRM-ed files, don't buy them and don't encode them. What the hell is so hard to understand about that? And guess what, if Microsoft didn't enable support for playback of these files through their own programs, the demand would be fulfilled through whatever means necessary.

P.S. -- If you're making copies of your files by exercising your fair use rights, you shouldn't have any problem saying "Oh, I fucked up, let me re-encode this file that I accidentally made copy protected."

Re:Yup

[drsmithy]

Proper way to do it: When the user needs to perform an administrative task, have them enter a password, then allow ALL administrative tasks performed within the next several minutes without asking.

The way OS X and Linux do this with sudo is a gaping security hole.

Added to that, I strongly suspect the functionality you are asking for is fundamentally incompatible with Windows's security model.

What sort of "administrative tasks" are you doing that are resulting in so many UAC prompts so quickly ?