because >3GB makes Vista 64-bit bluescreen, even during the install, and the patch isn't installin FYI this isnt a general purpose problem, as I've been running quite nicely on a Vista Business x64 box with 4GB of ram (HP Compaq 8710w laptop).
Beyond that, has there been any actual basis showing that SP1 (of the testers) adds any form of significant performance enhancements? From the tests done on the RC's, and from MS' own publications, there will not be a significant general speed improvement. What SP1 hits are several of those really bad performing areas, like really slow network copying for those who experienced it, and the network/audio QoS bug that was present in RTM, etc.
So fixing some significantly bad specific issues, but not a general across the board performance increase for those who werent experiencing these specific problems already.
It may not be as elegant as sudo and the gui equivalents of sudo in kde/gnome/osx.
But its light years better than being forced to explicitly use RunAs on everything, XP style.
It sounds like you're saying that just because something is better, but its not perfect, that you'd rather go back to something that was much crappier.
Having to do runas in XP was so much was more of a pain than UAC in Vista, I cant believe anyone would argue otherwise.
XPx64 has been used by engineering companies effectively for several years for instances where they needed more than 4GB of memory, so I suspect that it'll work quite well for you folks.
XPx64 is basically the 64-bit version of Windows 2003 Server, so it should run well, as long as you're buying hardware from a vendor that supports it fully with stable drivers (like HP on their engineering desktops).
And I thought I was clear in my post about what the complaint is.
None of his writings are based on anything tested on the actual product. He's never (from all appearances) used Vista, tested any of his theories against it, hooked a debugger to it, traced the traffic on busses, etc.
So he has a big pile of theories, that are based on (reportedly) very old documentation, and some third party engineers from other companies.
But he has NEVER tested his ideas against reality. He's got this big house of cards built up on nothing.
Any decent scientist, or even someone who is interested in accuracy and verifiability, would have actually tested his theories against reality at some point.
Gutmann has never done this, based on his writings. This real-world testing is conspicuously absent in all of his work.
The reason you havent seen this yet is that most of us have seen through the hype and realized that Gutmann is not someone you want to use as an authority on anything.
Read through his stuff critically. You'll notice little things like the fact that NONE of his theories are based on actual usage or testing of Vista, but all based on his theories about how it MIGHT be implemented.
This is a 'scientist' who never could be bothered to testing his hypothesis against reality. He lives purely in the world of speculation and theory.
DLL hell is a purely MS Windows problem since every other system has some way of determining different versions of libraries and has ways for multiple versions of those libraries to exist on the same system at the same time. MS Windows has a way of determining different versions of libraries and ways for multiple versions of those libraries to exist on the same system at the same time.
Go poking around in your system folders. There are many different versions of the same DLL, for compatibility reasons.
The 'DLL Hell' problem is mostly a problem of 1) 10 years ago, and 2) incompetent developers, who will insist on trying to overwrite the current ver of a DLL in windows\system32 with their 4 year old one. The smart developers just ship with the DLL in the same directory as their EXE or target a specific version that ships with windows.
In particular, the fundamental security flaws that exist in the Windows environment are there because, at the end of the day, any new version of Windows must have backward compatibility with applications designed for an OS that was never supposed to be networked. Can you discuss some of these fundamental security flaws?
NT was designed as a multi-user, networked OS from the first version. I'm not sure where you're getting that it was not. After all, it was client-server from the first version.
I don't think the "slow and bloated" aspect is as slow as you make it out to be, and certainly not as bloated. I dont make it out to be anything... the words I used in that sentence were stronger than I intended. Was just trying to compare the strengths of the different approaches.
Regarding the rest, yeah, I'm quite familiar. I've managed Exchange orgs of various sizes and shapes over the last 10 years, since the 5.5 days, to current. I've never had a corrupt mail store under my watch in all that time, though I've helped other people fix theirs.
The funny thing is, I've found Exchange to be the most rock-solid, reliable, fast and bullet proof mail server that I've ever used or managed. I realize thats not the normal experience, but it definitely has been mine. Cant tell you how many unix based systems I've seen down on a constant basis while my Exchange boxes just keep chugging along. But I do realize thats not the normal experience, and I may have been lucky.
You realize that your entire discourse there could be said equally truly by just replacing RHEL/CentOS with 'properly managed windows'.
If you manage the windows boxes the same way you would manage the linux boxes, then you'd have the same result. The problem is you're comparing doing a terrible job managing the windows boxen with doing a good job managing the linux boxen.
For example, just run the windows systems locked down, non-priv'd and PXE booting from a network share.
Doesnt require an iota of commercial management software.
What you're experiencing are crappy windows admins, who have convinced their management to spend money on commercial management so that they can avoid figuring out how to do their jobs properly and learning about their tools.
I'm not saying there's anything wrong with a Linux solution there, but at least compare apples to apples.
You could run the whole thing on windows with 2 smart techies from a remote site and zero commercial software. But to do that you'd need competent techs.
I think NT has poor task scheduling, poor IO scheduling, poor VM management. All of this stuff you're referring to are things specifically improved in Vista that were problematic in XP and prior.
In particular, the task scheduler, IO schedule, and VMM are vastly, vastly improved over XP. You can see that very quickly when using Vista on a machine with stable drivers.
- Insert a bad CD / DVD into your drive and watch explorer stall - Open a 2 gig file in notepad and watch the VM system go crazy - Try browsing a network when some of the computers are no longer available - Try running without a pagefile (at least this now works in XP) These are all things that were problematic on XP that have been largely fixed and eliminated as problems in Vista.
Can someone please explain in detail why Vista runs slowly even on new machines? My current theory is that Vista is insanely sensitive to bad drivers.
But given the evidence I've seen, this is the only theory that holds.
I've seen machines with slow hard drives, mediocre processors, and built in intel crapola graphics cards run vista business with aero perfectly, rock solid, very fast, bulletproof reliability.
I've seen machines with 1.8GHz or better C2D, 2-4GB of ram, and fast hard drives run Vista horrendously slow, and with lots of problems with stability.
And in general, x64 installs of Vista seem to be more stable than x86 installs.
All of this adds up to the only difference being in drivers.
Take my machine, Vista is just absolutely flawless, fast, and stable. Of course, I've got an absurdly overpowered HP Compaq 8710w laptop with very high end equipment. But its also running x64 vista, and is an engineering workstation. The drivers and overall equipment quality from HP seems to be very high.
But the consumer level garbage that people buy at best-buy and such seems to do really badly.
This all adds up to me thinking that just most of the vista-ready drivers for hardware are just really crappy poorly ported software.
Time will tell though. I will say though, that many of the core kernel level changes made to Vista are huge, huge improvements. They're the kind of thing only a software guy could appreciate, but they should result in a much more stable system, once the growing pains are worked through.
The core problem here was almost certainly misconfigured write-caching policies on the low-end raid controller, or just faulty errors in the raid controllers themselves.
These sort of 'built in' raid controllers are basically the raid controller equivalent of a winmodem. They're consumer level crap and should never be used when its actually important to have data integrity. And never in a business environment.
Unfortunately, due to the way Exchange does data storage, its very sensitive to low quality disk subsystems. The reason you only saw errors there was probably because the Exchange store was the only thing on the box that loaded the controller enough to expose its faults.
I'm not sure what you expected MS to do for what was (based on your description) a faulty hardware problem, but I do feel your pain. Exchange can be a beast if you dont have alot of experience with it. And it demands good disk subsystems if you dont have enough ram to hold the entire store in memory (and who does for any non-trivial exchange installation).
We run into these sorts of anti-patterns all the time with a certain class of client (for IT outsourcing).
They buy crap hardware, dramatically overload it, and then complain when it doesnt work right. But they also dont want to pay for a proper solution. Example is a software company client who will spend more on a large monitor for a developer than they will for a file storage server. And this is the storage server that they host their software product source-code control on. Just boggles the mind.
And in many ways, the MS style of apps exacerbates the problem. Many traditional unix based mail servers have the mail store as just a bunch of files and folders. This makes it slow and bloated due to duplicated data, but makes certain things MUCH easier and more reliable (backups & restores, and recovery from point errors on the underlying disc). Exchange, on the other hand, is very sensitive to disk problems and generally demands higher quality hardware.
OK, so you never work with Office XP or 2000? Um, sorry, but if you save out a document in 2007 it does not open in the older versions - and I am not going out and buying all new software for everyone in the company. In addition, the particular format that I need from Office is HTML - they totally re-did that part of Office, and it is totally incompatible at this point. FYI, you can choose to Save As the older formats at any time.
You can also configure the Office 2007 components to use a different format as the default Save format (like the previous generation).
You can also push out a group policy to change the default save format for the entire org.
You can also install (or push out centrally) the Office Compatibility Pack (free) for Office 2003 (and some previous versions I think) so that your Office 2003 folks can open, save, etc the new formats.
1) Nothing works the same as previous operating systems. Finding the "dumb" default so I could disable them took hours (such as "hide files so you can't fix problems" and "don't show extension to give spyware a chance"). I don't want to have to relearn everything just to add one computer. Several things wrong with this statement.
The specific items you reference are in exactly the same place on Vista as they are in XP. Open Windows Explorer, go to Tools on the pull-down menu, then choose 'Folder Options'. Click the 'View' tab. The checkboxes are titled EXACTLY the same as in XP in that window.
If you didnt want to have to relearn anything on one computer, then why did you choose to buy one computer with a different OS than all your other ones?
2) The new "alert" dialogs seem spiffy, until you realize that it make VNC stop working (it pauses all services) - while adding no real benefit, since the entire filesystem is writeable anyway. It doesn't help to disable the Microsoft way of doing things when the trojans can bypass it but the users can't. And don't tell me there's a way to disable it - I DON'T WANT TO LEARN A NEW SYSTEM FOR ONE NEW LAPTOP! It does the same thing for copilot, unless you disable the 'secure desktop' for UAC alerts. But this has nothing to do with stopping all services (which it doesnt do).
What its doing is switching the console to a different desktop. So your VNC desktop is still running, but the GUI is frozen. The 'secure destkop' that you see at the console is a completely different desktop, which VNC isnt privy to (purposefully, so Accept keystrokes cant be emulated).
I'm not sure what you mean by 'the entire filesystem is writeable anyway'. Nothing about UAC changes NTFS ACLs.
How exactly can 'the trojans bypass it, but the users cant'? This doesnt seem to make any sense in the context of UAC.
There isn't even an option to use the old format we needed, it is simply not there anymore. Yes it is. The only version of Office 2007 I'm aware of that disables prior versions in Save as is the Demo trialware versions.
I have Office 2007 pro on here, and I exclusively use old formats for compatibility purposes. In fact, I've got office configured to save to the old formats by default. And I've pushed out the Office Compatibility pack for the 2003 folks, so they can read and use any 2007 formats that are sent to them by outsiders.
When multimedia of any sort plays, the network performance drops DRAMATICALLY. It's a wannabe DRM feature to prevent piracy. At least try to get your facts right.
This has been well reported on. It was a novice bug that a low-level developer introduced in the audio playback QoS system. The junior dev basically used a magic number for a performance threshhold and assumed that it was applicable for all situations. Unsurprisingly, it wasnt.
It's a known bug that affects a minority of installations, and is scheduled to be fixed in SP1.
Computers going slower while doing NOTHING is unacceptable. I dont understand this statement. What does doing 'nothing' slowly look like?
Compare the time it takes to boot, open the word processor of your choice, and print a business letter with Vista, XP, Mac OSX, MacOS7, an Apple IIc, and a C64. I've never used Macs prior to OSX, so cant comment. My commie only did games.
On my Vista box, booting to login is faster than XP, and doesnt sit and churn after login for as long as XP did.
Opening MS word is nearly instant, with substantially less than a second between launching it, and when I can start typing.
Vista is the worst. I don't need a nanny state OS. I need to make little letters appear on my screen as fast a humanly possible, without pointless graphics effects and dialog boxes wasting my time. What graphics effects and dialog boxes are relevant to typing things? I have never seen an example of either of those getting in the way of typing things.
The biggest difference I've noticed between XP and Vista is that Vista seems much more stable/reliable over the long run. My XP box would only go about 2 weeks of normal behavior (3-5 docks/undocks, standby & resume per day, and many many switching networks and in and out of VPNs) before starting to get flaky.
My new box with Vista (I am the guinea pig for testing our company apps on Vista, and working out the incompatibilities with it) has been just rock solid. I believe since I set it up in November, that I've only rebooted it 3 times, 2 of which were due to December & January's super-tuesday patching.
The shell/UI seems to be much more robust, and nearly impervious to hanging or slowing down due to disk activity, or flaky network issues. XP was terrible about this, and coming out of a VPN that you had open connections to could often lock the shell for a minute or so. None of that stuff happens at all on Vista, which is a nice improvement.
I think your post was a gross over-generalization.
Can you name these well-known problems that were apparent to you in NT4 but havent been addressed? Or even some representative set?
Age in a kernel isnt necessarily a bad thing. I think its generally accepted that a kernel for a general purpose OS takes at least 10 years to mature enough to be relied upon.
It's actually not anything even remotely authoritative.
Read through Gutmann's stuff. You'll notice some very interesting things.
For example, all of his ideas are based off the assumption that his ideas of how this stuff might be implemented in Vista are true.
To be clear... he reads some really old whitepapers, talks to a few people who work for companies other than microsoft.
He then makes a decision about how he thinks all this stuff MIGHT be implemented in Vista.
He then takes this completely speculative, utterly unfounded or untested assumption, and runs with it like mad.
He assumes that his assumptions are true (without every doing testing... you know that little thing, scientific method), and runs off with a huge website about what it MIGHT mean IF all his assumptions are true.
But he has never once, ever, tested whether his assumptions are true on an actual Vista computer.
He's never sat down and attached a debugger to the system, or done any sort of trivial testing of his theories.
This isnt science or logic, its smoke and mirrors.
First, only kernel drivers need to be signed. Most drivers do not need to be signed.
Second, if you do need a kernel driver, there are various ways to work around it.
Third, its pretty easy and cheap (~$200 per year) for whomever made the kernel driver to buy a code-signing cert and sign it. Dont have to talk to Microsoft, dont have to get any approval, just pay the $200.
The driver signing thing is a stability issue. Kernel mode drivers are dangerous, as they can destabilize the whole system. MS put a roadblock up for these, to try to improve the quality of the drivers.
And dont even get me started about Gutmann. Guy is a total fraud. Notice that in no cases, ever, did he ever once actually test his theories on an actual install of Vista to see if they were true?
No. His logic goes like this.
1. Assume based on some really old documentation and ad-hoc conversations with people in other companies, how this stuff works in Vista.
2. Predict what some of the outcomes and side-effects of his theoretical assumption would be.
3. Assume that all of his completely untested, completely theoretical ideas are true, and try to buzz up a big furor about his speculations, which may or may not (since no one has bothered to actually test against the real thing) have anything to do with reality.
4. Profit? Maybe not, as no ads on his site. But this kind of publicity doesnt hurt an academic. Helps them get more consulting contracts.
Again the lesson to take home from Gutmann is that they are his unproven theories. At no point did he attach a debugger to a Vista machine and actually test any of these theories. Not once. Not ever. His whole body of work on the subject is a fantasy.
Mind you, I dont give a rat's hairy butt whether you or anyone else likes or uses Vista. Means nothing to me. But I cant stand to see people parading around obviously unsupported or inaccurate information as true (speaking about Gutmann here). The driver signing thing is a commonly misunderstood situation as well.
Although I fully support anyone getting whatever they want (which you obviously did), I do have a couple comments about a couple of your points.
A colleague of mine recently installed Vista... none of his existing peripherals (including monitor) would function This is obviously not correct. Now it could be that certain types of DRM-laden media would not output HD resolution signals across some types of older monitor connectivity, this is not the same as saying the 'monitor wouldnt function'.
The only real conceivable thing I can think of is that the drivers for his video card were crappy on Vista, and wouldnt put out a resolution/refresh that he was comfortable with.
4 - fear of the unknown... when XP came out, it required extensive locking-down for privacy and security reasons, but at least it is possible. MS is notorious for lack of info (and also for spy-ware labeled as "features"), so it seems prudent for someone that feels they already spend too much time dealing with OS issues to wait until the support forums mature a bit at least. Vista is actually quite superior in these aspects to XP. IE itself running in the lockdown mode is hugely more robust against attacks and information leakage. Overall, the security posture of Vista is massively improved over XP. It's alot easier to never lose data and never have your machine get owned with Vista, than it was with XP.
Nope. Can't see a compelling reason to "upgrade". Even if I did "give it a chance", why? Why should I have to upgrade a computer that's a little over a year old in order to adequately run an OPERATING SYSTEM, whose primary purpose is to allow other applications to run? Who is this in your life that is trying to force you to upgrade. Can you tell them to stop?
It's real simple. If you want it, and you can buy a new machine thats designed to work well with it, or you can make sure you're installing it on a machine thats compatible, then go for it.
Slashdot Mirror
So fixing some significantly bad specific issues, but not a general across the board performance increase for those who werent experiencing these specific problems already.
Why?
It may not be as elegant as sudo and the gui equivalents of sudo in kde/gnome/osx.
But its light years better than being forced to explicitly use RunAs on everything, XP style.
It sounds like you're saying that just because something is better, but its not perfect, that you'd rather go back to something that was much crappier.
Having to do runas in XP was so much was more of a pain than UAC in Vista, I cant believe anyone would argue otherwise.
XPx64 has been used by engineering companies effectively for several years for instances where they needed more than 4GB of memory, so I suspect that it'll work quite well for you folks.
XPx64 is basically the 64-bit version of Windows 2003 Server, so it should run well, as long as you're buying hardware from a vendor that supports it fully with stable drivers (like HP on their engineering desktops).
Yes, I have read his reports.
And I thought I was clear in my post about what the complaint is.
None of his writings are based on anything tested on the actual product. He's never (from all appearances) used Vista, tested any of his theories against it, hooked a debugger to it, traced the traffic on busses, etc.
So he has a big pile of theories, that are based on (reportedly) very old documentation, and some third party engineers from other companies.
But he has NEVER tested his ideas against reality. He's got this big house of cards built up on nothing.
Any decent scientist, or even someone who is interested in accuracy and verifiability, would have actually tested his theories against reality at some point.
Gutmann has never done this, based on his writings. This real-world testing is conspicuously absent in all of his work.
The reason you havent seen this yet is that most of us have seen through the hype and realized that Gutmann is not someone you want to use as an authority on anything.
Read through his stuff critically. You'll notice little things like the fact that NONE of his theories are based on actual usage or testing of Vista, but all based on his theories about how it MIGHT be implemented.
This is a 'scientist' who never could be bothered to testing his hypothesis against reality. He lives purely in the world of speculation and theory.
Go poking around in your system folders. There are many different versions of the same DLL, for compatibility reasons.
The 'DLL Hell' problem is mostly a problem of 1) 10 years ago, and 2) incompetent developers, who will insist on trying to overwrite the current ver of a DLL in windows\system32 with their 4 year old one. The smart developers just ship with the DLL in the same directory as their EXE or target a specific version that ships with windows.
NT was designed as a multi-user, networked OS from the first version. I'm not sure where you're getting that it was not. After all, it was client-server from the first version.
Regarding the rest, yeah, I'm quite familiar. I've managed Exchange orgs of various sizes and shapes over the last 10 years, since the 5.5 days, to current. I've never had a corrupt mail store under my watch in all that time, though I've helped other people fix theirs.
The funny thing is, I've found Exchange to be the most rock-solid, reliable, fast and bullet proof mail server that I've ever used or managed. I realize thats not the normal experience, but it definitely has been mine. Cant tell you how many unix based systems I've seen down on a constant basis while my Exchange boxes just keep chugging along. But I do realize thats not the normal experience, and I may have been lucky.
You realize that your entire discourse there could be said equally truly by just replacing RHEL/CentOS with 'properly managed windows'.
If you manage the windows boxes the same way you would manage the linux boxes, then you'd have the same result. The problem is you're comparing doing a terrible job managing the windows boxen with doing a good job managing the linux boxen.
For example, just run the windows systems locked down, non-priv'd and PXE booting from a network share.
Doesnt require an iota of commercial management software.
What you're experiencing are crappy windows admins, who have convinced their management to spend money on commercial management so that they can avoid figuring out how to do their jobs properly and learning about their tools.
I'm not saying there's anything wrong with a Linux solution there, but at least compare apples to apples.
You could run the whole thing on windows with 2 smart techies from a remote site and zero commercial software. But to do that you'd need competent techs.
In particular, the task scheduler, IO schedule, and VMM are vastly, vastly improved over XP. You can see that very quickly when using Vista on a machine with stable drivers. - Insert a bad CD / DVD into your drive and watch explorer stall
- Open a 2 gig file in notepad and watch the VM system go crazy
- Try browsing a network when some of the computers are no longer available
- Try running without a pagefile (at least this now works in XP) These are all things that were problematic on XP that have been largely fixed and eliminated as problems in Vista.
But given the evidence I've seen, this is the only theory that holds.
I've seen machines with slow hard drives, mediocre processors, and built in intel crapola graphics cards run vista business with aero perfectly, rock solid, very fast, bulletproof reliability.
I've seen machines with 1.8GHz or better C2D, 2-4GB of ram, and fast hard drives run Vista horrendously slow, and with lots of problems with stability.
And in general, x64 installs of Vista seem to be more stable than x86 installs.
All of this adds up to the only difference being in drivers.
Take my machine, Vista is just absolutely flawless, fast, and stable. Of course, I've got an absurdly overpowered HP Compaq 8710w laptop with very high end equipment. But its also running x64 vista, and is an engineering workstation. The drivers and overall equipment quality from HP seems to be very high.
But the consumer level garbage that people buy at best-buy and such seems to do really badly.
This all adds up to me thinking that just most of the vista-ready drivers for hardware are just really crappy poorly ported software.
Time will tell though. I will say though, that many of the core kernel level changes made to Vista are huge, huge improvements. They're the kind of thing only a software guy could appreciate, but they should result in a much more stable system, once the growing pains are worked through.
You've been reading too much of Gutmann's fantasies.
The core problem here was almost certainly misconfigured write-caching policies on the low-end raid controller, or just faulty errors in the raid controllers themselves.
These sort of 'built in' raid controllers are basically the raid controller equivalent of a winmodem. They're consumer level crap and should never be used when its actually important to have data integrity. And never in a business environment.
Unfortunately, due to the way Exchange does data storage, its very sensitive to low quality disk subsystems. The reason you only saw errors there was probably because the Exchange store was the only thing on the box that loaded the controller enough to expose its faults.
I'm not sure what you expected MS to do for what was (based on your description) a faulty hardware problem, but I do feel your pain. Exchange can be a beast if you dont have alot of experience with it. And it demands good disk subsystems if you dont have enough ram to hold the entire store in memory (and who does for any non-trivial exchange installation).
We run into these sorts of anti-patterns all the time with a certain class of client (for IT outsourcing).
They buy crap hardware, dramatically overload it, and then complain when it doesnt work right. But they also dont want to pay for a proper solution. Example is a software company client who will spend more on a large monitor for a developer than they will for a file storage server. And this is the storage server that they host their software product source-code control on. Just boggles the mind.
And in many ways, the MS style of apps exacerbates the problem. Many traditional unix based mail servers have the mail store as just a bunch of files and folders. This makes it slow and bloated due to duplicated data, but makes certain things MUCH easier and more reliable (backups & restores, and recovery from point errors on the underlying disc). Exchange, on the other hand, is very sensitive to disk problems and generally demands higher quality hardware.
You can also configure the Office 2007 components to use a different format as the default Save format (like the previous generation).
You can also push out a group policy to change the default save format for the entire org.
You can also install (or push out centrally) the Office Compatibility Pack (free) for Office 2003 (and some previous versions I think) so that your Office 2003 folks can open, save, etc the new formats.
The specific items you reference are in exactly the same place on Vista as they are in XP. Open Windows Explorer, go to Tools on the pull-down menu, then choose 'Folder Options'. Click the 'View' tab. The checkboxes are titled EXACTLY the same as in XP in that window.
If you didnt want to have to relearn anything on one computer, then why did you choose to buy one computer with a different OS than all your other ones? 2) The new "alert" dialogs seem spiffy, until you realize that it make VNC stop working (it pauses all services) - while adding no real benefit, since the entire filesystem is writeable anyway. It doesn't help to disable the Microsoft way of doing things when the trojans can bypass it but the users can't. And don't tell me there's a way to disable it - I DON'T WANT TO LEARN A NEW SYSTEM FOR ONE NEW LAPTOP! It does the same thing for copilot, unless you disable the 'secure desktop' for UAC alerts. But this has nothing to do with stopping all services (which it doesnt do).
What its doing is switching the console to a different desktop. So your VNC desktop is still running, but the GUI is frozen. The 'secure destkop' that you see at the console is a completely different desktop, which VNC isnt privy to (purposefully, so Accept keystrokes cant be emulated).
I'm not sure what you mean by 'the entire filesystem is writeable anyway'. Nothing about UAC changes NTFS ACLs.
How exactly can 'the trojans bypass it, but the users cant'? This doesnt seem to make any sense in the context of UAC. There isn't even an option to use the old format we needed, it is simply not there anymore. Yes it is. The only version of Office 2007 I'm aware of that disables prior versions in Save as is the Demo trialware versions.
I have Office 2007 pro on here, and I exclusively use old formats for compatibility purposes. In fact, I've got office configured to save to the old formats by default. And I've pushed out the Office Compatibility pack for the 2003 folks, so they can read and use any 2007 formats that are sent to them by outsiders.
This has been well reported on. It was a novice bug that a low-level developer introduced in the audio playback QoS system. The junior dev basically used a magic number for a performance threshhold and assumed that it was applicable for all situations. Unsurprisingly, it wasnt.
It's a known bug that affects a minority of installations, and is scheduled to be fixed in SP1.
None of it has anything to do with DRM.
On my Vista box, booting to login is faster than XP, and doesnt sit and churn after login for as long as XP did.
Opening MS word is nearly instant, with substantially less than a second between launching it, and when I can start typing. Vista is the worst. I don't need a nanny state OS. I need to make little letters appear on my screen as fast a humanly possible, without pointless graphics effects and dialog boxes wasting my time. What graphics effects and dialog boxes are relevant to typing things? I have never seen an example of either of those getting in the way of typing things.
The biggest difference I've noticed between XP and Vista is that Vista seems much more stable/reliable over the long run. My XP box would only go about 2 weeks of normal behavior (3-5 docks/undocks, standby & resume per day, and many many switching networks and in and out of VPNs) before starting to get flaky.
My new box with Vista (I am the guinea pig for testing our company apps on Vista, and working out the incompatibilities with it) has been just rock solid. I believe since I set it up in November, that I've only rebooted it 3 times, 2 of which were due to December & January's super-tuesday patching.
The shell/UI seems to be much more robust, and nearly impervious to hanging or slowing down due to disk activity, or flaky network issues. XP was terrible about this, and coming out of a VPN that you had open connections to could often lock the shell for a minute or so. None of that stuff happens at all on Vista, which is a nice improvement.
I think your post was a gross over-generalization.
Can you name these well-known problems that were apparent to you in NT4 but havent been addressed? Or even some representative set?
Age in a kernel isnt necessarily a bad thing. I think its generally accepted that a kernel for a general purpose OS takes at least 10 years to mature enough to be relied upon.
It's actually not anything even remotely authoritative.
... he reads some really old whitepapers, talks to a few people who work for companies other than microsoft.
... you know that little thing, scientific method), and runs off with a huge website about what it MIGHT mean IF all his assumptions are true.
Read through Gutmann's stuff. You'll notice some very interesting things.
For example, all of his ideas are based off the assumption that his ideas of how this stuff might be implemented in Vista are true.
To be clear
He then makes a decision about how he thinks all this stuff MIGHT be implemented in Vista.
He then takes this completely speculative, utterly unfounded or untested assumption, and runs with it like mad.
He assumes that his assumptions are true (without every doing testing
But he has never once, ever, tested whether his assumptions are true on an actual Vista computer.
He's never sat down and attached a debugger to the system, or done any sort of trivial testing of his theories.
This isnt science or logic, its smoke and mirrors.
A couple issues here.
First, only kernel drivers need to be signed. Most drivers do not need to be signed.
Second, if you do need a kernel driver, there are various ways to work around it.
Third, its pretty easy and cheap (~$200 per year) for whomever made the kernel driver to buy a code-signing cert and sign it. Dont have to talk to Microsoft, dont have to get any approval, just pay the $200.
The driver signing thing is a stability issue. Kernel mode drivers are dangerous, as they can destabilize the whole system. MS put a roadblock up for these, to try to improve the quality of the drivers.
And dont even get me started about Gutmann. Guy is a total fraud. Notice that in no cases, ever, did he ever once actually test his theories on an actual install of Vista to see if they were true?
No. His logic goes like this.
1. Assume based on some really old documentation and ad-hoc conversations with people in other companies, how this stuff works in Vista.
2. Predict what some of the outcomes and side-effects of his theoretical assumption would be.
3. Assume that all of his completely untested, completely theoretical ideas are true, and try to buzz up a big furor about his speculations, which may or may not (since no one has bothered to actually test against the real thing) have anything to do with reality.
4. Profit? Maybe not, as no ads on his site. But this kind of publicity doesnt hurt an academic. Helps them get more consulting contracts.
Again the lesson to take home from Gutmann is that they are his unproven theories. At no point did he attach a debugger to a Vista machine and actually test any of these theories. Not once. Not ever. His whole body of work on the subject is a fantasy.
Mind you, I dont give a rat's hairy butt whether you or anyone else likes or uses Vista. Means nothing to me. But I cant stand to see people parading around obviously unsupported or inaccurate information as true (speaking about Gutmann here). The driver signing thing is a commonly misunderstood situation as well.
Except mainstream business class equipment like nvidia video cards and intel abgn wifi cards. Little stuff like that.
The only real conceivable thing I can think of is that the drivers for his video card were crappy on Vista, and wouldnt put out a resolution/refresh that he was comfortable with. 4 - fear of the unknown... when XP came out, it required extensive locking-down for privacy and security reasons, but at least it is possible. MS is notorious for lack of info (and also for spy-ware labeled as "features"), so it seems prudent for someone that feels they already spend too much time dealing with OS issues to wait until the support forums mature a bit at least. Vista is actually quite superior in these aspects to XP. IE itself running in the lockdown mode is hugely more robust against attacks and information leakage. Overall, the security posture of Vista is massively improved over XP. It's alot easier to never lose data and never have your machine get owned with Vista, than it was with XP.
Did you even read the article you linked?
Telnet works just fine in Vista.
All that was removed was the telnet:// protocol handler in IE7 on Vista.
Analog video works just fine on my laptop as well.
It's real simple. If you want it, and you can buy a new machine thats designed to work well with it, or you can make sure you're installing it on a machine thats compatible, then go for it.
If you dont want to, then dont!
Why is this hard?