Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows 7 Likely Going Modular, Subscription-based

Posted by Zonk on from the what's-not-to-love dept.

Microsoft CRM writes "When Windows 7 launches sometime after the start of 2010, the desktop OS will be Microsoft's most 'modular' operating system to date. That's not necessarily a good thing, of course; Windows Vista is a sprawling, complex OS. From Microsoft's perspective, though, there are many possible benefits. The OS's developers can add/remove functionality module by module. New modules could be sold post-launch, keeping revenue streams strong. A modular approach could also allow the company to make functionality available on a time-limited basis, potentially allowing users to 'rent' a feature if it's needed on a one-off basis. Microsoft is already testing 'pay as you go' consumer subscriptions in developing countries."

5 of 603 comments (clear)

  1. Re:Artificial Bundling? by CastrTroy · · Score: 4, Informative

    The problem will be in the dependancies. Want MSN Messenger, that relies on IE, because it can display HTML content. So to install messenger, you have to install IE. Same goes for Linux. You want GIMP, well you have to install GTK, because you can't have one without the other.

    --

    Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
  2. Here's where the technological shackles come in.. by darkfire5252 · · Score: 5, Informative
    The parents are correct, there's no way that Microsoft would be stupid enough to design an open and modular OS because competitors would rip them apart. MS may be lacking in many areas, but predatory business practices is not one of them. I'm betting that Windows 7 will re-introduce us all to one of our old friends. Remember way back when, when people were ranting and raving about trusted computing and something called the Trusted Platform Module? After all the fuss died down, plans continued as before and as a result the majority of the people reading this post have a TPM installed into their motherboard. It's a truly fascinating device (I've read an implementer's guide, it does a LOT. Go here and download the latest 'Commands' doc. Just take a look at the descriptions and capabilities of the TPM's API. It's chilling.), and there have yet to be any products that really hinge on the TPM. With Windows 7, "With Trusted Computing technology for an even greater level of security and reliability!", here's how MS can block out third party modules, even if they published the API in the Wall Street Journal:
    1. Installation of Windows 7: the OS communicates with the TPM and 'takes ownership' of the TPM. (The tech docs can't spell it out any clearer: the programmer controls the computer, not the user.) When taking ownership of the TPM, Windows provides the public key of Microsoft to the TPM.
    2. Booting the computer: During installation, Windows installs a hash of the bootloader code and the OS code into the TPM. The bootloader performs a sanity check using the TPM to ensure that it has not been compromised. The bootloader then verifies the OS against the TPM and only loads 'genuine' copies of Windows. Note that the definition of genuine is entirely up to MS; at any time the TPM can be instructed, only by its owner, to invalidate any credentials. It's perfectly possible, and in fact designed into the specs, for the TPM owner to completely disable TPM protected software at any time. Irreversibly, because the binaries are encrypted and require the TPM's cooperation to run.
    3. Updating Windows: Before updating, the OS instructs the TPM to provide a guarantee that it is a genuine TPM (using information manufactured into the chip), and the TPM signs MS's public key. This cryptographically proves that the computer has a TPM and that Microsoft owns the TPM. Microsoft then transmits the update to the computer, encrypting it with the TPM's key to prevent the native code from being revealed to the user or installed on a non-authenticated machine.
    4. Installing a module: Similar to updating, but more insidious. The user purchases a certificate to run a module, then the module is securely transferred to the machine. The certificate is stored by the TPM itself to prevent it from being read from disk or RAM by a third party. This is done for all the TPM's information. The module is then installed if and only if it is authenticated by Microsoft. This may seem to have some flaws, but that's taken care of with the following...
    5. Running a binary executable: The OS can require that every single binary be signed by a person who is authenticated by the owner. The TPM verifies this, and then either provides the OS with the decrypted binary or a failure notice. 'Configuration states' are a key principle here; at any time the state of the system (all programs that are running) can be saved into the TPM. This can be used for example by Windows update. The updater saves a configuration where only the core OS and the updater are running, and then can ensure that it will not update if not in this configuration. This keeps any on-the-fly memory editors out.
    A lot of very smart people put a lot of effort into this system; it works. It's just been waiting for that 'killer app' to use it...
  3. Re:Well... by tokuchan · · Score: 5, Informative

    IBM didn't sell you anything back then. You leased the machine, rather than buy it. IBM would charge you a low price but ship and install a bigger machine with extra processors and memory modules installed. The lease terms limited you, rather than physical limitations. This was actually a very good thing. First, whenever something broke, IBM could switch it out over the phone, which made those late night calls much more tolerable. Second, if you needed more power, they could switch on more processors and bill you. Then, when you no longer needed the extra, they could switch them off again and save you money. It was really a win-win situation for everyone.

    The big difference here is that we are talking about software, not hardware. If MS really does this, it will either be a wild success or a dismal failure. Personally, I will stick with my Mac or move back to Linux.

  4. Re:Mach by darthflo · · Score: 4, Informative

    I hope you're not too serious, but I'll try to explain.
    Ubuntu uses Debian's apt package management system. It's a great thing, fast as hell (especially when one's coming from Gentoo or source-y relatives), easy through Synaptic and so on. It does, however, have one major difference to Gentoo's way of handling new releases: Only security fixes are applied to packages after a release.
    That's a great advantage to admin staff. Never touch a running system's config unless upgrading to a new release. It's also a (rather large) disadvantage to people favouring the bleeding edge. A seperate "backports" repository will contain some new releases but it's not as extensive or current as gentoo's. The actual updating process itself, though, is typically orders of magnitude faster because packages are distributed binary (source optional) instead of as source and compiled locally.

    Updating Ubuntu's embraced and extended* edition of Firefox to it's newest version is as easy as "apt-get upgrade" (emerge -u world) or "apt-get install ubufox" (emerge firefox) after an "apt-get update" (emerge --sync). Updating to vanilla Firefox from mozilla.org is, as GP stated, another beast.

    * I'm seriously hoping for that third "e" there -- all those annoying Fx banners and buttons and other nuisances are enough to ruin an already mediocre product completely. Freedom in software should mean letting people use whatever browser they like. Be it Opera, Safari, ELinks, Lynx or even a properly secured instance of MSIE.

  5. Re:Mach by node+3 · · Score: 4, Informative

    Flaimbait? How in the world is this considered flamebait? I'm sincerely asking how the XNU kernel is necessarily more modulular than other kernels. Generally speaking:

    The Linux kernel is monolithic, even if you compile everything as a module, it's basically stitched back together as a big monolith. Linux modules are just excised chunks of the kernel that you can load on demand, but you still need something specifically compiled into the kernel for each specific module to hook into.

    With XNU, kernel extensions are more self-contained, and insert themselves into the kernel using more generic/universal interfaces.

    That's why OS X device drivers don't have strict requirements for kernel version while binary Linux device drivers require a specific kernel version with specific compile-time options, and source drivers need the kernel to be compiled with support for them.