Actually, I imagine the dev team had a patch ready within a short time of it being reported in December. The initial patch probably broke a lot more stuff than the released one does. Microsoft tests patches against a huge number of applications and configurations as part of their regression testing. As long as it's not being exploited, it's better for MS to keep working on compatibility issues. Once the exploit was public, MS pushed it out the door with one remaining compatibility issue and a hotfix for that issue (a hotfix is a patch that hasn't gone through the full regression testing - it may break more than it fixes, so it is only for people experiencing a specific issue; hotfixes get grouped together and go through full testing for each service pack).
I don't know about an online store, but national US chains do charge different prices in different states. Products tend to be cheaper in lower income regions of the US. It doesn't really make sense to hold prices constant while allowing average income to differ.
If the EU wants the music labels to set a standard EU price, expect that price to be higher than what it currently is in lower income countries in Europe. Sure the UK might get a price break, but music will be less affordable than it currently is in other parts of Europe.
Also note: apart from installing or uninstalling apps, you'll rarely see UAC prompts. Once you've got your box set up, you rarely need that privilege.
If you're doing a lot of configuration (or even installing a number of applications), start an elevated PowerShell session. Any applications that you launch will be elevated, so msiexec can be used for installing/uninstalling programs, mmc for configuring settings, etc.
It's funny that you should mention this, since Vista includes a new Reliability Monitor that helps you visualize the reliability of your system. It keeps track of the success/failure of installs, application crashes, hardware problems, and Windows crashes.
For example, my computer has not had any serious reliability issues since Vista RTM was installed in mid-January. Furthermore, the application crashes include programs you write yourself, so developers will have to pay more attention to the details than the chart.
This combined with a few other diagnostic improvements should make it easier to help family and friends that complain of computer problems but can't describe what is happening.
Either way, it shouldn't be driven by an outsider, although he can and should make the suggestion to them that certain criteria should be revisited.
To give some context to who Michael Howard is, he is one of the head security guys at Microsoft. One of his roles is to improve the development process across Microsoft to improve security. So the MSRC responds to actual security vulnerabilities, while Michael looks at why the development team missed the bug and how to avoid it in future products.
If you read what Michael actually said, the issue becomes more apparent. A security bug that affects Vista and XP will usually be given the same rating, even if Vista has defense mechanisms that make it extremely unlikely that it can be exploited. In the security alert they will list any defense mechanisms that make it harder to exploit the bug, but they don't change the rating.
It's one account for both services (just like you can use an Xbox Live account/identity for the Zune Marketplace). I imagine relatively few people would consider paying for the Gold account on Windows, compared to Xbox 360 users who will use their existing account on Windows.
I used to run Linux on my laptop (an IBM T40). When every distro I tried (Ubuntu, Fedora, Gentoo) had a kernel panic upon resuming from sleep, I gave up. From everything I read about this problem, power management is pretty delicate. Even if it works on one person's hardware it might have problems on a nearly identical computer. Apple has a huge advantage over Microsoft and the Linux community in that their testing can cover every hardware configuration that consumers can buy.
As for your problem with a slow wake-up from sleep mode (mine is in the 1-2 seconds range on Vista), did you check to see if Vista was reporting driver or software issues that were causing problems?
From the Performance Information and Tools screen (the one with the Windows Experience Index scores), click on Advanced Tools on the left. At the top of the screen you may see a list of performance issues that Windows has detected. For more detailed information, try the "View performance details in the Event Log" tool. Glancing through the list, there's information on high disk usage, processes with larger than normal working sets, devices or drivers that are delaying boot/shutdown/sleep/resume operations, etc.
That's a fine solution, except that most people schedule appointments with respect to local time. I want a meeting at 4pm here and whatever time that is for people who are calling in (scheduled for some day in the extended DST period). Outlook/Exchange convert 4pm to the appropriate UTC time. After I send that out to everyone, some people's machines get patched, including mine. It now displays that meeting as occurring at 5pm since it stored the time as UTC. Since most people at that meeting are in my timezone and leave work around 5pm, I have to move the meeting time (i.e. I need to adjust the UTC time for the meeting).
To add to the confusion, people who already patched their machine always saw the meeting at 5pm local time. Without knowing if my machine was patched or not when I scheduled the meeting, they can't be sure if I meant 5pm or if it might actually be 4pm. So there is definitely room for confusion, despite the fact that I do exactly as you suggest and store everything in UTC, only using localtime for input and output.
Most odd time problems can be solved by using UTC internally, but this is not one of them (and storing in local time creates a similar problem with meetings that are intended to occur at some specific time in UTC). The problem here is that the relationship between UTC and local time changed. An unpatched machine does a different conversion than a patched machine.
I should have been more clear. The problem is that people don't schedule appointments in UTC. I don't send a meeting request for March 20th at 15:00 UTC. I want my meeting to happen at a particular local time. If the definition of local time (including DST dates) changes between when I set the meeting and when it actually happens, the UTC time for that meeting also needs to change.
To add to the problems, different computers and programs have been patched at different times. What if someone with a patched computer sent out a meeting request that had the UTC time and I received it on a computer without it? My computer shows the meeting an hour off from the sender's computer. When I now patch my computer, I don't know whether to adjust the meeting time or not (assuming I didn't know the patch status of the sender's computer). There's not much you can do to avoid these issues, so people are trying to get the word out that you should confirm times for the next few weeks instead of assuming the program is displaying the intended time.
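The mismatch described in the comments above can be reproduced with the two US rule sets side by side. This is an added example, not code from the original comments; it assumes US Eastern time and hand-coded DST rules (first Sunday of April to last Sunday of October before the patch, second Sunday of March to first Sunday of November after it), and all function names are hypothetical.

```python
from datetime import datetime, timedelta

# Assumed zone for this example: US Eastern (UTC-5 standard, UTC-4 daylight).
STD_OFFSET = timedelta(hours=-5)
DST_OFFSET = timedelta(hours=-4)


def nth_sunday(year, month, n):
    """Midnight on the n-th Sunday of the month (n starts at 1)."""
    first = datetime(year, month, 1)
    to_sunday = (6 - first.weekday()) % 7  # weekday(): Monday=0 ... Sunday=6
    return first + timedelta(days=to_sunday + 7 * (n - 1))


def last_sunday(year, month):
    """Midnight on the last Sunday of the month (month must be < 12)."""
    last_day = datetime(year, month + 1, 1) - timedelta(days=1)
    return last_day - timedelta(days=(last_day.weekday() + 1) % 7)


def dst_window(year, patched):
    """Local wall-clock start and end of DST under the chosen rule set."""
    two_am = timedelta(hours=2)
    if patched:  # 2nd Sunday of March to 1st Sunday of November
        return nth_sunday(year, 3, 2) + two_am, nth_sunday(year, 11, 1) + two_am
    # Unpatched: 1st Sunday of April to last Sunday of October.
    return nth_sunday(year, 4, 1) + two_am, last_sunday(year, 10) + two_am


def local_to_utc(local, patched):
    """What a machine stores when the user types a local time.

    The skipped and repeated hours at the changeovers are not modelled.
    """
    start, end = dst_window(local.year, patched)
    offset = DST_OFFSET if start <= local < end else STD_OFFSET
    return local - offset


def utc_to_local(utc, patched):
    """What a machine displays for a stored UTC time."""
    start, end = dst_window(utc.year, patched)
    in_dst = (start - STD_OFFSET) <= utc < (end - DST_OFFSET)
    return utc + (DST_OFFSET if in_dst else STD_OFFSET)


def display_differs(utc):
    """True when patched and unpatched machines show different local times."""
    return utc_to_local(utc, patched=False) != utc_to_local(utc, patched=True)


def rebase_after_patch(stored_utc, creator_patched):
    """Recover the intended local time, then re-store it under the new rules.

    The result depends on creator_patched, which a recipient usually
    cannot know: that is the ambiguity the comments describe.
    """
    intended_local = utc_to_local(stored_utc, patched=creator_patched)
    return local_to_utc(intended_local, patched=True)


if __name__ == "__main__":
    # Constructed sample: a 10am meeting on March 20th, 2007, entered before patching.
    stored = local_to_utc(datetime(2007, 3, 20, 10, 0), patched=False)
    print("stored UTC:         ", stored)
    print("unpatched display:  ", utc_to_local(stored, patched=False))
    print("patched display:    ", utc_to_local(stored, patched=True))
    print("rebased (unpatched):", rebase_after_patch(stored, creator_patched=False))
    print("rebased (patched):  ", rebase_after_patch(stored, creator_patched=True))
```
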
The algorithm is obvious: public key encryption. The product key is going to be something like {Product, Edition, Serial#, Hash} encrypted with Microsoft's private key. Knowing the algorithm only helps you if you also know the private key.
This is why you don't see keygens resulting from leaks of Windows source code. The key validation code is extremely simple. You simply decrypt with the public key and check the hash. Activation takes care of checking the validity of the serial #.
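A toy version of the scheme this comment guesses at, showing that the validator holds only the public half. This is an added example, not part of the original comment and not Microsoft's actual key format; the field sizes, the truncated SHA-256 hash, the unpadded textbook RSA and the tiny modulus are all assumptions chosen to keep it self-contained.

```python
import hashlib
import hmac

# Toy RSA parameters: two Mersenne primes, so no key generation is needed.
# A modulus of about 150 bits is far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q
E = 65537                          # public exponent, shipped with the validator
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held only by the issuer

BODY_LEN, HASH_LEN = 6, 8          # 1 + 1 + 4 bytes of fields, truncated SHA-256


def body_bytes(product, edition, serial):
    """Pack {Product, Edition, Serial#} into six bytes (assumed layout)."""
    return bytes([product, edition]) + serial.to_bytes(4, "big")


def issue_key(product, edition, serial):
    """Issuer side: needs D. Appends the hash, then applies the private key."""
    body = body_bytes(product, edition, serial)
    payload = body + hashlib.sha256(body).digest()[:HASH_LEN]
    return pow(int.from_bytes(payload, "big"), D, N)


def validate_key(key):
    """Client side: needs only (N, E). Returns the fields, or None if invalid."""
    if not 0 < key < N:
        return None
    m = pow(key, E, N)             # "decrypt with the public key"
    if m.bit_length() > 8 * (BODY_LEN + HASH_LEN):
        return None                # recovered value does not fit the payload
    payload = m.to_bytes(BODY_LEN + HASH_LEN, "big")
    body, tag = payload[:BODY_LEN], payload[BODY_LEN:]
    expected = hashlib.sha256(body).digest()[:HASH_LEN]
    if not hmac.compare_digest(tag, expected):   # "check the hash"
        return None
    return {
        "product": body[0],
        "edition": body[1],
        "serial": int.from_bytes(body[2:], "big"),
    }


def count_accepted(candidates):
    """How many candidate keys pass validation without the private exponent."""
    return sum(1 for k in candidates if validate_key(k) is not None)


if __name__ == "__main__":
    key = issue_key(product=3, edition=1, serial=123456)  # constructed sample values
    print("issued key:     ", key)
    print("validated:      ", validate_key(key))
    print("one bit flipped:", validate_key(key ^ 1))
    print("guesses accepted out of 5000:", count_accepted(range(1, 5001)))
```
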
And that is a significant part of the problem in this case. When you made an appointment for March 20th at 10am back six months ago before your computer was patched, the software converted that time to UTC before it stored it. Now you've applied the DST patch and your software now thinks that your appointment is at 11am local time.
I hate the $0.99/DRM-protected song as much as anybody, but I do see another scenario that requires DRM: subscription music services. At $15/month I need to listen to at least 15 new songs each month to break even. As a way of finding new music it works pretty well. You find some music you enjoy and then look at the list of recommended bands and try out their music. It's not much more than satellite radio, but you get to choose what's playing.
But, you could never have a service like this without DRM. Imagine a movie rental store that burned movies on DVD-Rs instead of handing you the original disk. Then they tell you that instead of returning your movie in a week you must throw it in the trash. I'd imagine just about everyone would keep their collection of DVD-Rs. Furthermore, many people would stop paying full price for a movie and get it for the rental price (or even the "have 3 discs at a time" plan, as long as you throw one away before picking up another).
Say my music budget is $15/month. If I buy DRM-free songs at roughly $1/song, it'll take me over 41 years to fill a 30GB music player (roughly 7500 songs). If I download DRM-protected songs using my music subscription I can fill that player every month (or more frequently) and constantly change the music that is on there. As long as music filesharing is easy to do, hardly anybody who owns an iPod is going to spend the thousands of dollars on music to fill it up. DRM makes it a dumber thing to do (since you'd lock yourself in for thousands of dollars), but DRM-free isn't going to make music sales take off much faster.
Guess what? Firefox does the exact same thing: "Firefox prevented this site from opening 2 popup windows" in a light yellow bar at the top of the page with an X on the right side to close it. "Only Microsoft" indeed.
I imagine the information bar increases the usability of websites that still require pop-ups for users who wouldn't otherwise know that their browser is blocking these windows. An icon in the status bar at the bottom of the window is too subtle for some users.
One interesting feature of the Vista control panel (if you aren't using classic mode) is that you can search for tasks in the upper right hand corner of the window. For example, searching for "mouse speed" will give you a link straight to the particular tab of the dialog box that lets you adjust the speed of the mouse. It's updated as you type as well, so you can use it to narrow down the various configuration tasks (since some options might be in accessibility or display or somewhere else that a new user might not expect). Along with the fact that it knows alternative names for various options (so you could type "monitor" or "screen" or "display" regardless of what the actual option is), this should mean that less experienced users won't get so lost in the control panel.
The thing that I've seen warnings about is people trying to schedule meetings/events/etc that happen during the time between the new and old time changes. Generally you schedule something with respect to local time, but the program itself stores it as UTC (as you suggest). If you scheduled it on an unpatched machine, it would be an hour off when you got around to patching the machine.
There was no lawsuit. The goal of the plea was for BillG to toss the guy free licenses to all of the software he was using so that the Russian government might drop its criminal investigation. Microsoft's stance on the issue was that while they obviously don't support piracy, they would rather spend their time going after companies that are selling illegal copies of Windows for profit (ie shady PC manufacturers) than pursue a case against someone who installed it on a few school computers for educational use.
That's odd, at school they were $1.25, at the store they are $1.05, and at work soda is free. The amusing part is that I drink a lot less soda at work than I did in school. After your first week or two of free soda you get tired of the sugar and start drinking water, juice, milk, etc.
If they're targeting Apple, you can look forward to a version of iTunes that doesn't work with iTMS and an iPod that is incapable of playing any DRM-protected songs. Apple does not have the right to remove DRM from the songs it sells. The real target should be the companies that license the songs, since they are the only ones that can control the terms of distribution for their content.
Additionally, the last time I checked the wording of the EULA could quite easily be interpreted to allow a Vista VM running under another OS (just not a re-use of your existing Vista license to run a VM under a "native" install).
I'd be curious to hear an official Microsoft response on this. My reading of it agrees with yours that it seems to be talking about the license not applying to a VM running on the licensed device.
Consider the home license: "You may not use the software installed on the licensed device within a virtual... hardware system." It looks to me like they don't want you to reuse the existing installation (and license) in a virtual system. I could probably argue either reading for the home license.
The Business/Ultimate license is what made me begin questioning the normal Slashdot interpretation: "You may use the software installed on the licensed device within a virtual... hardware system on the licensed device." Notice that this version says that the virtual hardware system is running on the licensed device. This implies that this instance of the EULA applies to the host system, but the guest system is allowed to use the licensed software.
IANAL, but my interpretation is that the intent of this clause is to allow the business versions of the client to run in a sandbox mode with multiple instances of the OS covered by a single instance of the license. I suspect that the next server OS utilizes virtual machines as a security feature and the Vista license includes this clause so developers can test a single user version on their workstations. Of course, I could be completely wrong, but if so, why the distinction between "licensed device" and "virtual hardware system" instead of indicating that the (un)licensed device is the virtual hardware system?
If you're into encryption and the challenges of meeting various design constraints, here's a paper from Microsoft describing the algorithm and their attack model. Of particular interest is the requirement that it must take fewer cycles to decrypt data than to read it from disk (otherwise the CPU becomes the bottleneck for disk operations).
Essentially algorithms that are known to be stronger may be too slow for full disk encryption. If turning on BitLocker was a significant performance issue, most users would turn it off. If you are worried about specific files, it might be wise to use a stronger, but slower, algorithm just for those files so that the rest of the disk operates at a reasonable speed.
As to your specific point, they do mention the weaknesses of AES-CBC. This was their motivation for the diffuser component (while its quality is unproven, they do show that it can't be any worse than simply using AES-CBC; the point of this document is to expose it to public scrutiny). It looks like the diffuser makes it difficult to determine the plaintext that was supplied to AES. In particular, you don't know which bits to modify to produce changes in any particular block of the AES chain. Similarly, modifying the ciphertext will cause the change to be randomly propagated across the plaintext (Ciphertext -> AES-CBC -> Diffuser -> Plaintext).
Aside from installing software, I doubt the typical user will see a UAC prompt. In eight months of using Vista, I don't recall a single unexpected UAC prompt. To put it another way, I have yet to see one for something that a normal user can do in Linux.
Most people are under the impression that UAC is primarily intended to stop the user from doing something. To me that is a secondary goal. The real purpose of it is to prevent programs from harming the system. In other words, it's not really there to stop a user from doing something stupid like deleting files from C:\Windows (but it may have that effect), instead it's intended to stop malicious/broken code from harming the system.
The audio mixer in Vista is no longer based on different audio types (MIDI, CD Audio, WAV, etc). Instead, there is a volume slider and mute button for each application that makes sounds. So you can mute IE, AIM (those annoying video ads), and Windows itself, while still playing your music in WinAmp or WMP.
Actually, there's a very simple reason for Microsoft to release a service pack in the second half of 2007. That happens to be the exact same phrase used to describe the release of Longhorn server. In case you didn't know, Longhorn client (Vista) and Longhorn server are built from the same codebase. Vista SP1 is primarily the result of an extra year of development to the common OS components, plus any client patches that didn't make it in time for RTM.
The point is that most of the work will have been done for the server release already. They may as well package up a new build of the client since it will inherit any improvements from the server.
My problem with that particular article is that the author seems to want a version of Windows without the restrictions that is still capable of playing HD-DVD and Blu-Ray movies. Just about every criticism that is related to performance is only applicable when playing back these movies.
I'll agree that there is a design flaw, but I'd say it belongs to the content producers. Microsoft seems to have done a reasonable job of keeping the flawed design limited to the code paths involved in playing back this so-called premium content. I've seen no evidence that performance is affected by this design when you are not playing back HD movies. If there is no consumer demand for HD movie support, I'd expect that we'd see ATI and nVidia market gaming-oriented cards that specifically do not support all of the encryption, etc., required by the content producers. My original point was that Vista works just fine on existing hardware with none of these performance issues doing everything that you could do on XP. I'd be up in arms the same as the author if Vista required all of the content protection hardware and permanently enabled all of the software restrictions, even if you were never going to watch HD movies.
First of all, as far as I can tell, that article only applies to HD-DVD and Blu-Ray content. For example, "since S/PDIF doesn't provide any content protection, Vista requires that it be disabled when playing protected content." I tried this with DRM protected audio (streaming from Zune Marketplace) and sure enough it played on my surround sound system with no problems. Similarly, I played a DVD with DTS audio perfectly fine over the optical cable (Vista actually made this easier since it ships with a DVD decoder, unlike XP which requires you to purchase a 3rd party decoder). In other words there is no loss in functionality with respect to existing DRM-protected media (i.e. if it worked on XP it'll work the same on Vista).
So if these problems only apply to HD-DVD and Blu-Ray, I don't see them as a criticism of Microsoft and Vista, but rather to the content producers who demand these changes. As far as I know, Apple has not announced the details of commercial HD playback, but I'd be surprised if they produce something with significantly fewer restrictions. And obviously Linux won't be supporting these discs legally any time soon. It seems to me that the best option is to just continue ignoring the existence of these new discs and you won't be affected by any of this.
Actually, I imagine the dev team had a patch ready within a short time of it being reported in December. The initial patch probably broke a lot more stuff than the released one does. Microsoft tests patches against a huge number of applications and configurations as part of their regression testing. As long as it's not being exploited, it's better for MS to keep working on compatibility issues. Once the exploit was public, MS pushed it out the door with one remaining compatibility issue and a hotfix for that issue (a hotfix is a patch that hasn't gone through the full regression testing - it may break more than it fixes, so it is only for people experiencing a specific issue; hotfixes get grouped together and go through full testing for each service pack).
I don't know about an online store, but national US chains do charge different prices in different states. Products tend to be cheaper in lower income regions of the US. It doesn't really make sense to hold prices constant while allowing average income to differ.
If the EU wants the music labels to set a standard EU price, expect that price to be higher than what it currently is in lower income countries in Europe. Sure the UK might get a price break, but music will be less affordable than it currently is in other parts of Europe.
If you're doing a lot of configuration (or even installing a number of applications), start an elevated PowerShell session. Any applications that you launch will be elevated, so msiexec can be used for installing/uninstalling programs, mmc for configuring settings, etc.
It's funny that you should mention this, since Vista includes a new Reliability Monitor that helps you visualize the reliability of your system. It keeps track of the success/failure of installs, application crashes, hardware problems, and Windows crashes.
For example, my computer has not had any serious reliability issues since Vista RTM was installed in mid-January. Furthermore, the application crashes includes programs you write yourself, so developers will have to pay more attention to the details than the chart.
This combined with a few other diagnostic improvements should make it easier to help family and friends that complain of computer problems but can't describe what is happening.
To give some context to who Michael Howard is, he is one of the head security guys at Microsoft. One of his roles is to improve the development process across Microsoft to improve security. So the MSRC responds to actual security vulnerabilities, while Michael looks at why the development team missed the bug and how to avoid it in future products.
If you read what Michael actually said the issue becomes more apparent. A security bug that affect Vista and XP will usually be given the same rating, even if Vista has defense mechanisms that it make it extremely unlikely that it can be exploited. In the security alert they will list any defense mechanisms that make it harder to exploit the bug, but they don't change the rating.
It's one account for both services (just like you can use an Xbox Live account/identity for the Zune Marketplace). I imagine relatively few people would consider paying for the Gold account on Windows, compared to Xbox 360 users who will use their existing account on Windows.
I used to run Linux on my laptop (an IBM T40). When every distro I tried (Ubuntu, Fedora, Gentoo) had a kernel panic upon resuming from sleep, I gave up. From everything I read about this problem, power management is pretty delicate. Even if it works on one person's hardware it might have problems on a nearly identical computer. Apple has a huge advantage over Microsoft and the Linux community in that their testing can cover every hardware configuration that consumers can buy.
As for your problem with a slow wake-up from sleep mode (mine is in the 1-2 seconds range on Vista), did you check to see if Vista was reporting driver or software issues that were causing problems?
From the Performance Information and Tools screen (the one with the Windows Experience Index scores), click on Advanced Tools on the left. At the top of the screen you may see a list of performance issues that Windows has detected. For more detailed information, try the "View performance details in the Event Log" tool. Glancing through the list, there's information on high disk usage, processes with larger than normal working sets, devices or drivers that are delaying boot/shutdown/sleep/resume operations, etc.
That's a fine solution, except that most people schedule appointments with respect to local time. I want a meeting at 4pm here and whatever time that is for people who are calling in (scheduled for some day in the extended DST period). Outlook/Exchange convert 4pm to the appropriate UTC time. After I send that out to everyone, some people's machines get patched, including mine. It now displays that meeting as occuring at 5pm since it stored the time as UTC. Since most people at that meeting are in my timezone and leave work around 5pm, I have to move the meeting time (ie I need to adjust the UTC time for the meeting).
To add to the confusion, people who already patched their machine always saw the meeting at 5pm local time. Without knowing if my machine was patched or not when I scheduled the meeting, they can't be sure if I meant 5pm or if it might actually be 4pm. So there is definitely room for confusion, despite the fact that I do exactly as you suggest and store everything in UTC, only using localtime for input and output.
Most odd time problems can be solved by using UTC internally, but this is not one of them (and storing in local time creates a similar problem with meetings that are intended to occur at some specific time in UTC). The problem here is that the relationship between UTC and local time changed. An unpatched machine does a different conversion than a patched machine.
I should have been more clear. The problem is that people don't schedule appointments in UTC. I don't send a meeting request for March 20th at 15:00 UTC. I want my meeting to happen at a particular local time. If the definition of local time (including DST dates) changes between when I set the meeting and when it actually happens, the UTC time for that meeting also needs to change.
To add to the problems, different computers and programs have been patched at different times. What if someone with a patched computer sent out a meeting request that had the UTC time and I received it on a computer without it? My computer shows the meeting an hour off from the sender's computer. When I now patch my computer, I don't know whether to adjust the meeting time or not (assuming I didn't know the patch status of the sender's computer). There's not much you can do to avoid these issues, so people are trying to get the word out that you should confirm times for the next few weeks instead of assuming the program is displaying the intended time.
The algorithm is obvious: public key encryption. The product key is going to be something like {Product, Edition, Serial#, Hash} encrypted with Microsoft's private key. Knowing the algorithm only helps you if you also know the private key.
This is why you don't see keygens resulting from leaks of Windows source code. The key validation code is extremely simple. You simple decrypt with the public key and check the hash. Activation takes care of checking the validity of the serial #.
And that is a significant part of the problem in this case. When you made an appointment for March 20th at 10am back six months ago before your computer was patched, the software converted that time to UTC before it stored it. Now you've applied the DST patch and your software now thinks that your appointment is at 11am local time.
I hate the $0.99/DRM-protected song as much as anybody, but I do see another scenario that requires DRM: subscription music services. At $15/month I need to listen to at least 15 new songs each month to break even. As a way of finding new music it works pretty well. You find some music you enjoy and then look at the list of recommended bands and try out their music. It's not much more than satellite radio, but you get to choose what's playing.
But, you could never have a service like this without DRM. Imagine a movie rental store that burned movies on DVD-Rs instead of handing you the original disk. Then they tell you that instead of returning your movie in a week you must throw it in the trash. I'd imagine just about everyone would keep their collection of DVD-Rs. Furthermore, many people would stop paying full price for a movie and get it for the rental price (or even the have 3 discs at a time plan, as long as you throw one away before picking up another).
Say my music budget is $15/month. If I buy DRM-free songs at roughly $1/song, it'll take me over 41 years to fill a 30GB music player (roughly 7500 songs). If I download DRM-protected songs using my music subscription I can fill that player every month (or more frequently) and constantly change the music that is on there. As long as music filesharing is easy to do, hardly anybody who owns an iPod is going to spend the thousands of dollars on music to fill it up. DRM makes it a dumber thing to do (since you'd lock yourself in for thousands of dollars), but DRM-free isn't going to make music sales take off much faster.
Guess what? Firefox does the exact same thing: "Firefox prevented this site from opening 2 popup windows" in a light yellow bar at the top of the page with an X on the right side to close it. "Only Microsoft" indeed.
I imagine the information bar increases the usability of websites that still require pop-ups for users who wouldn't otherwise know that their browser is blocking these windows. An icon in the status bar at the bottom of the window is too subtle for some users.
One interesting feature of the Vista control panel (if you aren't useing classic mode) is that you can search for tasks in the upper right hand corner of the window. For example, searching for "mouse speed" will give you a link straight to the particular tab of the dialog box that lets you adjust the speed of the mouse. It's updated as you type as well, so you can use it to narrow down the various configuration tasks (since some options might be in accessiblity or display or somewhere else that a new user might not expect). Along with the fact that it knows alternative names for various options (so you could type "monitor" or "screen" or "display" regardless of what the actual option is), this should mean that less experienced users won't get so lost in the control panel.
The thing that I've seen warnings about is people trying to schedule meetings/events/etc that happen during the time between the new and old time changes. Generally you schedule something with respect to local time, but the program itself stores it as UTC (as you suggest). If you scheduled it on an unpatched machine, it would be an hour off when you got around to patching the machine.
There was no lawsuit. The goal of the plea was for BillG to toss the guy free licenses to all of the software he was using so that the Russian government might drop its criminal investigation. Microsoft's stance on the issue was that while they obviously don't support piracy, they would rather spend their time going after companies that are selling illegal copies of Windows for profit (ie shady PC manufacturers) than pursue a case against someone who installed it on a few school computers for educational use.
That's odd, at school they were $1.25, at the store they are $1.05, and at work soda is free. The amusing part is that I drink a lot less soda at work then I did in school. After your first week or two of free soda you get tired of the sugar and start drinking water, juice, milk, etc.
If they're targetting Apple, you can look forward to a version of iTunes that doesn't work with iTMS and an iPod that is incapable of playing any DRM-protected songs. Apple does not have the right to remove DRM from the songs it sells. The real target should be the companies that license the songs, since they are the only ones that can control the terms of distribution for their content.
Consider the home license: "You may not use the software installed on the licensed device within a virtual
The Business/Ultimate license is what made me begin questioning the normal Slashdot interpretation: "You may use the software installed on the licensed device within a virtual
IANAL, but my interpretation is that the intent of this clause is to allow the business versions of the client to run in a sandbox mode with multiple instances of the OS covered by a single instance of the license. I suspect that the next server OS utilizes virtual machines as a security feature and the Vista license includes this clause so developers can test a single user version on their workstations. Of course, I could be completely wrong, but if so, why the distinction between "licensed device" and "virtual hardware system" instead of indicating that the (un)licensed device is the virtual hardware system?
If you're into encryption and the challenges of meeting various design constraints, here's a paper from Microsoft describing the algorithm and their attack model. Of particular interest is the requirement that it must take fewer cycles to decrypt data than to read it from disk (otherwise the CPU becomes the bottleneck for disk operations).
Essentially algorithms that are known to be stronger may be too slow for full disk encryption. If turning on BitLocker was a significant performance issue, most users would turn it off. If you are worried about specific files, it might be wise to use a stronger, but slower, algorithm just for those files so that the rest of the disk operates at a reasonable speed.
As to your specific point, they do mention the weaknesses of AES-CBC. This was their motivation for the diffuser component (while its quality is unproven, they do show that it can't be any worse than simply using AES-CBC; the point of this document is to expose it to public scrutiny). It looks like the diffuser makes it difficult to determine the plaintext that was supplied to AES. In particular, you don't know which bits to modify to produce changes in any particular block of the AES chain. Similarly, modifying the ciphertext will cause the change to be randomly propagated across the plaintext (Ciphertext -> AES-CBC -> Diffuser -> Plaintext).
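The AES-CBC weakness that the comment above says motivated the diffuser can be measured directly. This is an added example, not part of the original comment and not BitLocker's code: it uses plain AES-128-CBC from Node's built-in `crypto` module with no diffuser, and the key, IV and 64-byte "sector" are constructed values.

```javascript
const crypto = require('crypto');

const BLOCK = 16; // AES block size in bytes

// Constructed key, IV and sector contents (four 16-byte blocks).
const key = Buffer.alloc(16, 0x11);
const iv = Buffer.alloc(16, 0x22);
const sector = Buffer.from(
  'A'.repeat(16) + 'B'.repeat(16) + 'C'.repeat(16) + 'D'.repeat(16));

// AES-128-CBC without padding: the data is a whole number of blocks.
function cbc(encrypt, data) {
  const c = encrypt
    ? crypto.createCipheriv('aes-128-cbc', key, iv)
    : crypto.createDecipheriv('aes-128-cbc', key, iv);
  c.setAutoPadding(false);
  return Buffer.concat([c.update(data), c.final()]);
}

// Flip bits (mask) in one ciphertext byte, decrypt, and return the number
// of plaintext bits that changed in each 16-byte block.
function bitFlipEffect(blockIndex, byteInBlock, mask) {
  const ct = cbc(true, sector);
  ct[blockIndex * BLOCK + byteInBlock] ^= mask;
  const pt = cbc(false, ct);
  const changed = [];
  for (let b = 0; b < sector.length / BLOCK; b++) {
    let bits = 0;
    for (let i = b * BLOCK; i < (b + 1) * BLOCK; i++) {
      let x = pt[i] ^ sector[i];
      while (x) { bits += x & 1; x >>= 1; }
    }
    changed.push(bits);
  }
  return changed;
}

// One flipped bit in ciphertext block 1: block 1 decrypts to noise, block 2
// changes in exactly the flipped bit, blocks 0 and 3 are untouched.
console.log(bitFlipEffect(1, 0, 0x01));
```

The exact one-bit change in the following block is the predictable effect of modifying CBC ciphertext; the diffuser stage described in the comment is meant to spread such a change across the plaintext instead.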
Aside from installing software, I doubt the typical user will see a UAC prompt. In eight months of using Vista, I don't recall a single unexpected UAC prompt. To put it another way, I have yet to see one for something that a normal user can do in Linux.
Most people are under the impression that UAC is primarily intended to stop the user from doing something. To me that is a secondary goal. The real purpose of it is to prevent programs from harming the system. In other words, it's not really there to stop a user from doing something stupid like deleting files from C:\Windows (but it may have that effect), instead it's intended to stop malicious/broken code from harming the system.
The audio mixer in Vista is no longer based on different audio types (MIDI, CD Audio, WAV, etc). Instead, there is a volume slider and mute button for each application that makes sounds. So you can mute IE, AIM (those annoying video ads), and Windows itself, while still playing your music in WinAmp or WMP.
Actually, there's a very simple reason for Microsoft to release a service pack in the second half of 2007. That happens to be the exact same phrase used to describe the release of Longhorn server. In case you didn't know, Longhorn client (Vista) and Longhorn server are built from the same codebase. Vista SP1 is primarily the result of an extra year of development to the common OS components, plus any client patches that didn't make it in time for RTM.
The point is that most of the work will have been done for the server release already. They may as well package up a new build of the client since it will inherit any improvements from the server.
My problem with that particular article is that the author seems to want a version of Windows without the restrictions that is still capable of playing HD-DVD and Blu-Ray movies. Just about every criticism that is related to performance is only applicable when playing back these movies.
I'll agree that there is a design flaw, but I'd say it belongs to the content producers. Microsoft seems to have done a reasonable job of keeping the flawed design limited to the code paths involved in playing back this so-called premium content. I've seen no evidence that performance is affected by this design when you are not playing back HD movies. If there is no consumer demand for HD movie support, I'd expect that we'd see ATI and nVidia market gaming-oriented cards that specifically do not support all of the encryption, etc., required by the content producers. My original point was that Vista works just fine on existing hardware with none of these performance issues doing everything that you could do on XP. I'd be up in arms the same as the author if Vista required all of the content protection hardware and permanently enabled all of the software restrictions, even if you were never going to watch HD movies.
First of all, as far as I can tell, that article only applies to HD-DVD and Blu-Ray content. For example, "since S/PDIF doesn't provide any content protection, Vista requires that it be disabled when playing protected content." I tried this with DRM protected audio (streaming from Zune Marketplace) and sure enough it played on my surround sound system with no problems. Similarly, I played a DVD with DTS audio perfectly fine over the optical cable (Vista actually made this easier since it ships with a DVD decoder, unlike XP which requires you to purchase a 3rd party decoder). In other words there is no loss in functionality with respect to existing DRM-protected media (i.e. if it worked on XP it'll work the same on Vista).
So if these problems only apply to HD-DVD and Blu-Ray, I don't see them as a criticism of Microsoft and Vista, but rather to the content producers who demand these changes. As far as I know, Apple has not announced the details of commercial HD playback, but I'd be surprised if they produce something with significantly fewer restrictions. And obviously Linux won't be supporting these discs legally any time soon. It seems to me that the best option is to just continue ignoring the existence of these new discs and you won't be affected by any of this.