It’s taken five years, enough lines of code to span the globe several times, countless thousands of hours of developer time, and so many builds, betas, and release candidates that you’d need a cluster-based supercomputer to keep track of them all — but Windows Vista is finally here.
Vista development, which started with the Windows Server 2003 core, which in turn started with the Windows XP SP2 core, is in the same league with Microsoft’s Windows 95 effort, and not far behind the gargantuan Windows NT undertaking. Whether you love Windows or not, whether you believe in Microsoft’s ability to innovate or not, you can’t fault the software giant’s R&D efforts with Windows.
The question is, what does all that work mean to you and to businesses the world over? What are the benefits? What are the downsides? There can be no doubt that there are pluses and minuses to Vista, from easier installation and management to aggressive anti-piracy features, from advanced video 3D graphics to a notable bump up in the video hardware requirements, from hundreds of security improvements to the frustrating User Account Control user experience.
While Windows Vista is an ambitious total overhaul of Windows XP, in the end there’s no big gotta-have-it feature or functionality, unless you’re a big fan of Aero, its considerably improved and more elegant interface. From a user perspective, there are literally thousands of mostly small advances, but the sum of the parts isn’t greater than the whole. Yet Vista is clearly a better OS than XP.
But how can a major new version of Microsoft Windows not be compelling? That’s the conundrum of Windows Vista. The vision behind Vista was in many ways about laying the groundwork for the future. So it could well be that the benefits will play out over time. In the meantime, the two big selling points are presentation and security.
Should Windows Vista be in your future? To help you evaluate, this article focuses on the biggest strengths and weaknesses of the product. You be the judge. At the end, we’ll tell you what we think overall.
A whole crop of software reviewers has entirely missed the point about Vista’s new Aero interface and Windows Presentation Foundation (or WPF, a.k.a. “Avalon”) graphics subsystem.
Aero has often been dismissed as so much eye candy, as frivolously non-functional adornment, as pretty things to dress up the user interface. The same people who rant endlessly about whether the graphical menu should move vertically or horizontally are the ones who dismiss the power Avalon represents to transform Windows applications of the future. It’s not about what Microsoft is doing with the Vista interface, it’s about what all that power in the hands of application designers and developers could mean with your software.
The Aero interface, and the application user interfaces that take full advantage of WPF in the future, can take advantage of these graphical effects: 2D, 3D, 3D animation, effortless scaling, vector-based text and shape rendering and motion, transparency, blurring, shadows in motion, object movements and a lot more. Put in simpler terms, Microsoft is borrowing heavily on the graphics horsepower previously only found on high-end gaming machines and enabling it as part of the operating system’s core.
To go along with internal support for full-fledged 3D, WPF also supports a new extensible application markup language, XAML, that should make it much easier for application designers to try out and create user interfaces for their applications that tie in with the programmatic functionality being created by their programmers.
It’s about the applications. And since we don’t have many of those yet, it’s hard to see the advantage. But make no mistake, Windows Presentation Foundation is a powerful reason to prefer Vista.
Vista’s upgraded user interface
The Aero user interface is a minimalist showcase of some of the things application makers might take advantage of with WPF. It appears that Microsoft purposely held back its designers to keep from turning the operating system into a theme park. The use of transparency in Windows Sidebar, though, gives you some insight into what might be possible. Windows Explorer’s scaling icons are another hint. The Windows Photo Gallery is an excellent tool for managing images, due in large measure to the power of WPF.
Transparency opens up a cluttered desktop. HGTV addicts will note that it’s the same idea as adding a mirror, windows, or a skylight to a room. There’s nothing like that annoying feeling of trying to find another app window amidst the mess of 20 open windows. And yet many power users work that way.
Microsoft’s use of transparency in Vista is subtle, not glaringly obvious. It isn’t so much something you see when you look at Vista — it’s something you feel when you use it. The more aesthetically oriented you are, the more you feel it. It’s the back-of-the-mind knowledge that does the trick. You know that window is there in the back. You can see it. It’s not lost.
The Vista desktop, Start menu, Quick Launch toolbar (beside the Start button), taskbar, and notification area are more or less reprised from earlier versions of Windows. They have minor changes to their controls. The Start menu does a much better job of handling long submenus, but the change is mostly evolutionary.
One important change to the Start menu, however, is the introduction of text-based searching as an interface convention. Torn from the Web, this idea is just a slam dunk. When you’re trying to launch a program and you don’t know where it is on the Start menu, just type the program name into the Start menu’s integrated search. Control Panel has almost 50 applets on some machines. It’s far easier to type the name of the applet you want in Control Panel’s integrated search field than go hunting for it.
Finding your way around Windows hasn’t always been easy. But Microsoft has made several key additions and tweaks to Vista that make managing windows and finding files much, much simpler.
Live thumbnails, Flip, and Flip 3D
The Windows taskbar is still one of the best user interface tools that Microsoft has ever devised, Windows 95’s great window-management improvement. It places buttons on the taskbar for every application, folder, or other object you have open. The problem with the taskbar is that it’s easy to forget what’s in the windows, so it’s hard to find the ones you want. But Vista has solved that problem with live thumbnails — pop-up thumbnail tiles that show the contents of the window. To make them appear, you hover the mouse pointer over the taskbar button.
Two other window-management features are Flip and Flip 3D. Flip is an upgraded version of the Alt-Tab Task Switcher from earlier versions of Windows. Alt-Tab gives you a palette of all open programs — you hold down the Alt key and cycle through those programs with the Tab key. The one that’s selected when you let go of the Alt key will then open up front and center on your screen. What’s different is that instead of names of programs with static icons, Flip uses the live thumbnails for those programs, which makes it a good deal easier to find what you want.
Flip 3D provides a 3D rendering of all your open windows. It lines them up in order, showing them from at a one-quarter angle, and marches them in procession. Flip 3D uses the Windows key and the Tab button, and it activates the window on top when you let go of the Windows key. Microsoft has added the “Switch between windows” icon on the Quick Launch menu, which lets you activate Flip 3D entirely by mouse. You can even use the scroll wheel to cycle forward or back through the windows. When you select the window you want, clicking the primary mouse button brings it to the front.
Rediscovering Windows Explorer
The lowly Windows Explorer window has gotten a pretty good makeover in Windows Vista. One of the best new folder features in Vista is called graphical breadcrumbs, a useful navigational tool.
On the Web, the term “breadcrumbs” refers to the clickable path that shows each level as you tunnel into a Web site. Levels in Web breadcrumbs are often separated by the pipe ( | ) or greater-than ( > ) symbol. The hyperlinks make it easy to jump back to specific pages you’ve already visited.
Microsoft applied that user interface technique to the navigation, or address, bar in Windows Explorer windows. Graphical breadcrumbs is a programmatic version of the drill-down hypertext navigational systems commonly used on the Web. So, for example, when you’re in Computer (what’s called My Computer in XP), and you drill into Local Disk (C:) > Program Files > Macromedia > HomeSite 5, the Address bar displays the breadcrumbs, showing each level, like this:
Each level, such as Program Files, is clickable. And when you click it, you open that folder instead. That makes it easy to back up, take a different branch, and so forth. You thought what you were looking for was on Drive C: and now you realize it’s on Drive D:? No problem — just click the step right before “Local Disk (C:),” usually “Computer,” and choose Local Disk (D:) from the drop-down menu.
Even better, the arrows between folders are also clickable. When you click one, a drop-down menu opens that offers all the other folders and files it contains. So if you click the arrow to the right of the Program Files folder, you’ll see a drop-down menu displaying all your installed application folders.
This is a very simple user interface that makes graphical navigation much faster than in previous versions of Windows, which usually defaulted to editing the path statement in the Address bar or opening a new window and starting over. Speaking of which, you can also still do that. Just click the icon that’s inside the address bar all the way to the left (if Computer is the first item on the bar, it will create a mini-rendition of the Computer icon). By doing that, you make the address line text editable, and you can type in any traditional path statement you want, using backslashes as separators. A type-ahead feature helps you to type the exact spelling or lets you click to advance. The only drawback with this feature is that it’s not obvious how you get back to graphical breadcrumbs mode. Resorting to the Escape key works; nothing else we tried did. It’s not even on the context menu.
Another thing we missed was the lack of an up-level button. The new Back button steps you back to where you’ve been. But it is possible to arrive at a place in the graphical breadcrumbs that doesn’t show a top level, like Desktop or Computer. Microsoft’s solution for this is a little too subtle. There’s a small downward facing area wedged in between the graphical bookmarks bar and the Forward button. The assumption is still that you’ve started in Computer or somewhere like that, which may not always be the case. But assuming you have, this downward-pointing arrow shows Recent Pages on a drop-down. Wouldn’t it be better to always display a default top level in the path?
Other changes to folder windows make them smarter and more context sensitive. The minimalist toolbar isn’t user-customizable at all. It’s context sensitive, showing different functions or drop-downs depending on the folder contents you’re viewing or that you’ve selected.
A folder window in Vista is a two-paned Explorer-type window. (In fact, though context menus still exist that say Open and Explore, they both appear to open the exact same window.) The new Windows Explorer shows the Favorite Links area at the top of the left pane. Favorite Links is user customizable. You can drag and drop folders or objects from the right pane into the Favorite Links area, where they serve as shortcuts to the folders you frequently access. You can even rename them there the way you would shortcuts. Your Favorite Links customizations will appear in all your folder windows. It’s an extremely handy feature.
You can also access a menu of your actual folder hierarchy on the left side of the Folder window, which gives you the interaction that made the two-paned Explorer Windows popular. You can walk through your folder structure and see the contents of what you click there quickly displayed in the right pane.
The left-pane folder hierarchy is resizable vertically by dragging and dropping its name bar, which reads, simply, “Folders.” A good way to work with the new Explorer is to drag the Folders bar all the way to the top. This way you can double-click it to open it all the way when you want to walk your folder structure. When you find what you want, double-click it again to close it, revealing your Favorite Links. This aspect of the new Windows Explorer is thoroughly thought out.
The Views menu, which controls the right pane, scales the file and folder objects there up to extremely large, and down to very small. As it does so, it also delivers the same views you’ve come to expect in the folder window, like Details, List, and Tiles, and there are three different sizes of icons. Since the icons show the contents of the files and folders they represent, the larger icons actually have some value to you.
The only other new aspects are the search functionality (covered later in this story) and the information pane that runs along the bottom of the new Explorer. It provides text information, in context, of the object currently selected.
All in all, the Windows Explorer is a pretty slick upgrade that makes working with your folders and files much easier.
In the earliest days of scoping out Windows Vista, Microsoft set itself the ambitious goal of turning the file system into a true database, and in that way building search into the very plumbing of the operating system.
It was too tough a nut to crack, and Microsoft abandoned the goal. But despite that, search is still built into almost every level of the operating system, and is one of Microsoft Vista’s greatest strengths — although there are some serious inconsistencies with the way it works.
There are plenty of different ways to search: straight from the search box at the bottom of the Start menu, on the search box on the upper-right corner of Windows Explorer, and via Start > Search.
Search is incredibly fast because it uses indexing. Forget the slow-motion days of Windows XP searches; you’ll be using search in Microsoft Vista constantly because of its speed. It searches literally as you type, narrowing down the search as you add a new letter.
But speed is only part of what makes search great in Windows Vista. The advanced search tool is superb. You can narrow your search by date, file size, author, tags, location and more. You can type in Boolean searches. You can search other computers on your network as well. In essence, advanced search is the best graphical way to use Boolean searches I’ve yet seen.
Not only that, you can save your searches so that you don’t have to re-create them every time. In essence, it lets you create virtual folders with different views into your data.
But there are some problems and inconsistencies with search. First off, the search results you’ll get vary according to where you perform them. You’ll get one type of results from the search box on the Start menu, and another type using advanced search.
In addition, your entire hard disk isn’t indexed, and so unbeknownst to you, search may ignore vast portions of your data. By default, it indexes mainly the \Users folder, but ignores pretty much all the other folders on your hard disk. Why do it this way? Microsoft is trying to force people to store all their data underneath their own \Users folder. But very few people actually do that, and if you’re one of those people who doesn’t, you won’t be happy with search.
TIP: There is a workaround, however. Choose Control Panel > System and Maintenance > Indexing Options, and you can choose other folders to put into the index.
Microsoft also made a completely bizarre design decision that makes search far less useful than it should be. Tucked away into Windows Vista’s recesses is a very useful search pane for Windows Explorer that you’ll hardly ever see. The pane appears across the top of Windows Explorer, and has buttons labeled All, E-mail, Document, Picture, Music, and Other. It’s a great help for filtering search results. Do a search, then click on the Picture button, for example, and it will display only results that are images. To turn on the pane, in Windows Explorer choose Organize > Layout > Search Pane.
So far so good, right? But the pane appears and disappears for reasons that at first are impossible to fathom. The Search Pane option is rarely available when you choose Organize > Layout. You can make the pane appear only if you’re in one of a few select folders, such as Computer and Desktop. You can’t make it appear anywhere else, because the option simply isn’t available…with one exception. When you type a letter into the search box in Windows Explorer, you can make the pane appear no matter which folder you’re in. But delete the letter, and you can’t make it appear.
What possible reason can there be for this bizarre and illogical behavior? Microsoft is silent on the matter, so we may never know.
An operating system by itself is a lonely thing — simply opening and closing windows and tweaking your system gets old after a while. And so Windows Vista includes a slew of built-in applications, more than Windows XP. You’ll find the old standbys, such as Notepad, WordPad, and Paint, and they’re pretty much unchanged. If you’ve seen them in Windows XP, you’ve seen them in Windows Vista. But there are plenty of new ones as well. Following are the high (and low) points of the most notable apps.
Sidebar and gadgets
Either you’re a software gadget person or you’re not, and that distinction will go a long way toward determining whether you think Windows Vista’s Sidebar and its accompanying gadgets are exceedingly cool and useful, or simply a waste of screen real estate. We fall into the pro-gadget side, and we use them all day long.
Gadgets are mini-apps that can grab and display information from the Internet, from a network, or from your computer. They can display stock quotes, the weather, your current RAM use, and so on. There’s no two ways about it; they’re direct rip-offs of Mac OS X’s widgets. But if you’re going to steal something, why not steal from the best?
Gadgets live in the Windows Sidebar, the right-most portion of the screen, although you can drag them anywhere you want on the desktop. The ten or so gadgets that ship with Windows Vista are not a formidable bunch. As you might expect, there’s a clock, stock tracker, weather tracker, note taker, and so on.
But two are extremely useful — the CPU Meter that displays your CPU and RAM use, and a very good Feed Headlines gadget that gathers all of the RSS feeds you’ve subscribed to in Internet Explorer and scrolls through them as they arrive. The RSS gadget in particular is a great one. You need do nothing at all to get the latest news and blog posts; they just scroll by on your screen all day. Click one to see a summary; click again to go to the Web site for the full post.
Some people might think that because few useful gadgets ship with Windows Vista, it means the feature is a bomb. Not so. You can go online to get more gadgets, and over time, you’ll most likely see a very robust community dedicated to building them. Within a year of Vista’s ship date, don’t be surprised if there are plenty of useful gadgets there, waiting for you.
This may be the best new application that ships with Windows Vista. It’s remarkably easy to use, yet offers surprisingly advanced features, including the ability to send out invitations to meetings directly from within the program, set reminders, create to-dos, and other nice-to-haves. You can create group calendars to share with others who use the same computer, and you can publish your calendar on the Web as well. Best of all is that it’s compatible with iCalendar, the main group calendar standard. So when you send or receive invitations, you can automatically sync your calendar with others, and you can subscribe to calendars posted on the Web.
Outlook Express has been renamed Windows Mail. The interface is cleaner and far more pleasing to the eye, and a new toolbar makes it easier to accomplish common tasks like creating, sending, and replying to mail. But other than that, there’s not much different. There’s only one surprise here; you can’t use Windows Mail to send and receive mail from a Hotmail account, which you can do in Outlook Express.
Backup and Restore Center
Remember the old backup program in XP? It was universally reviled, for good reason. You couldn’t do something as simple as backing up to a network folder or a CD drive.
Well, the backup program built into Windows Vista will make you nostalgic for XP-based backup. If you want to back up data in Windows Vista, you’ll be looking for a third-party program.
We won’t go into all the gory details, but here’s the ugly synopsis: You can’t back up individual files…or individual folders…or even individual file types with Backup and Restore Center. If you want to back up, say, 40 or 50 megabytes of .doc files, .jpg files, and .zip files, you can’t do that. Instead, you have to back up every single data file, every single graphics file, and every single compressed file on your entire hard disk — and that includes the files that make up Windows. So you’ll have to back up several hundred megabytes of files you will never use and never want to back up.
Windows Movie Maker and Windows DVD Maker
Remember the anemic Windows Movie Maker built into Windows XP? Forget about it — the one that ships with Windows Vista may share that application’s name, but it’s a surprisingly useful multimedia tool that makes it easy for anyone to create videos, and then burn them to DVD. You can import media directly from digital video cameras, digital cameras or other devices, or instead from a hard disk. Creating a video is as simple as dragging and dropping clips onto a timeline, then adding effects and transitions, soundtracks, and so on.
You can then use Windows DVD Maker to burn them to DVDs that can be played on any DVD player. It may not turn you into Martin Scorsese, but if you’ve ever wanted to create videos to post to YouTube, you’ve just found a free tool of choice.
Windows Photo Gallery
This program won’t make you forget a fully powered photo editor, but if you’re looking for a simple way to organize and view photos and other media, as well as do some quick-and-dirty photo editing, you’ll be quite pleased. You can tag and rate your pictures, which makes them much easier to organize and find; quick scroll through thumbnails; play a slide show of them; and more. Quick photo editing tools include adjusting exposure and color, cropping, and fixing red eye. There’s also an auto adjust button that cleans up a photo with a single click.
Windows Meeting Space
Looking for a good way to hold virtual meetings over a network, so that you can share documents with others, view everyone’s markups, and chat and talk while you’re all in different locations?
Then don’t look to Windows Meeting Space.
This application is supposed to let people create ad hoc virtual meetings over a network, including those at Wi-Fi hot spots. But it lacks so many basic features that it’s hard to imagine anyone using it. There’s no common whiteboard, no built-in VoIP feature, and its chat module is pretty much worthless. What’s the point, you might ask? We do, too.
If you distilled down all the forces driving the design goals for Windows Vista, their essence could be described in a single word: security. Many decisions that Microsoft has made in various aspects of Vista have been made for obscure security reasons. As you get to know Vista better, some of the changes make more sense when viewed through that prism. But at first blush, several changes and new functions are obviously about security.
Internet Explorer security
Internet Explorer has long been a hackers’ favorite target, and in Windows Vista, Microsoft has built in a variety of protections to help keep IE, as well as your computer, safe.
First and foremost is Protected Mode, which shields the operating system from actions taken by Internet Explorer or any Internet Explorer add-ins. So even if malware breaks Internet Explorer’s security features, it shouldn’t be able to do harm to your PC, because Protected Mode in essence locks Internet Explorer inside a safe box. Protected Mode isn’t available in IE 7 in Windows XP; it works only in the Windows Vista version.
Internet Explorer in Windows Vista also benefits from the same security features that are built into the Windows XP version. The anti-phishing filter does an excellent job protecting against phishing attacks, and the browser has also cracked down on potentially dangerous ActiveX controls and dangerous add-ins. (See our in-depth review of Internet Explorer 7 for details about these and other improvements in IE7.)
Those who have been longing for a true firewall for Windows will be pleased to know that Windows Vista includes a two-way firewall. The firewall in Windows XP only blocked dangerous inbound connections, but did not provide any protection for unwanted outbound connections. So if your PC was invaded by a Trojan or spyware, those programs would be allowed to make outbound connections unimpeded. Windows Vista changes that, and the Windows Firewall includes outbound protection as well.
As with Windows XP, you can customize how inbound protection works by opening and closing ports, blocking and unblocking programs, and so on through Windows Firewall Settings, available via Control Panel > Security > Allow a program through Windows Firewall.
But oddly, at first it appears that you can’t do the same for outbound connections. In fact, you can, but you’ll have to do a bit of digging to find out how. You need to run Windows Firewall with Advanced Security. To do it, at a command prompt, type wf.msc and press Enter.
Given that Windows Firewall now has outbound filtering, there’s little reason for most people to need a third-party firewall such as ZoneAlarm.
The Windows Defender anti-spyware built into Windows Vista is no different than the one available for free for download for Windows XP, or the one built into Windows Live OneCare. It’s a solid, serviceable anti-spyware application that includes live protection as well as automated spyware scanning.
The best thing about Windows Defender is that it was purposely designed not to pop up frequently, requiring user decisions. The worst thing about Windows Defender is that compared to products like Webroot’s Spy Sweeper or Safer Networking’s Spybot Search & Destroy, it offers limited protection.
One of Defender’s more useful features is its Software Explorer, which provides help beyond spyware. Software Explorer lets you see programs running on your PC in a variety of categories, including Startup Programs and Currently Running Programs. It provides in-depth information about each program, including its name, executable file, publisher, path, file size, and other information. You can enable, disable or remove any program.
Windows Defender doesn’t give a whole lot of advice in helping you decide which programs you should let run — but on the other hand, if Windows Defender allows a program to run, it considers the program safe. You can always do a Google search to track down any application about which you’re suspicious, and Windows Defender gives you plenty of information about each app, so it should be easy to do a search.
What, no anti-virus?
As with past versions of Windows, Windows Vista doesn’t include any anti-virus software. Why? One reason might be anti-trust concerns, particularly in Europe. Including anti-virus in the operating system could certainly be construed as anti-competitive, and could embroil Microsoft in lawsuits for years to come. In fact, Microsoft has been wrangling with security vendors who want access Security Center so that they can more easily integrate into it. We won’t go into all the gory details, but the food fight will be with us for some time.
Another potential reason is that Microsoft just happens to sell an anti-virus product of its own bundled into Windows Live OneCare. If anti-virus was included in Windows Vista, there’d be little reason for anyone to buy OneCare.
What to do about anti-virus? You’ll have to buy or download a third-party program. Not all anti-virus software works with Vista yet, and it’s not clear which will work, and which won’t, so this may be problematic for anyone upgrading to Windows Vista. Also not clear is whether the license you’ve bought for a Windows XP version will be able to be used for the Windows Vista version.
But some anti-virus software does work. If you’re looking for a very good free program for personal use, avast! is a good choice — it’s lightweight and uses very few system resources.
If you’re a parent, are worried about how your children use the computer and the Internet, and believe that a software tool for blocking access is part of the answer to your worries, you’ll be pleased with the new Parental Controls feature built into Windows Vista.
Microsoft has managed to give you exceedingly fine-trained control over all aspects of how the computer is used, from Internet access, to games, to even the exact times and days the computer is being used. And it’s managed to do that in a simple-to-use interface.
There are four sets of controls: for filtering Web use, controlling when a child can use the PC, controlling games based on a rating system, and allowing and blocking specific programs. Each control is relatively simple and intuitive; parents need not worry that they’ll need their children to teach them to use the controls, which would certainly defeat the purpose of Parental Controls in the first place.
For parents who want to keep a virtual eye on their children, activity reports can be automatically generated and viewed. The reports include the top 10 Web sites visited, the top 10 Web sites blocked, applications used, games used, when each child logged on to the PC, and similar information.
UAC and file permissions
Perhaps the most controversial security feature in Windows Vista is User Account Control (UAC), which seeks your confirmation before it will allow various programs or dialog boxes to open.
The purpose of UAC is to make Windows users — as the last line of defense — aware of potentially dangerous activities that are about to carried out on their computers. The potential threat is that a malware program (or possibly a determined hacker) could be carrying out a scripted set of steps that will lead to a negative event on your computer, such as the loss of data or damage to your Windows installation.
In a nutshell, the question UAC asks is: Did you initiate the process that’s attempting to run? When the answer is yes, you click OK or Allow to permit the action. When the answer is no, your prudence in letting UAC block that action could save you from a very bad experience.
UAC is not smart in any way. It doesn’t try to discern something that might actually be a threat. It just throws up a prompt about something that might conceivably be exploited. It also doesn’t ever relax. You could click the System Control Panel (also called Advanced System Settings in some areas of Vista) 75 times in a row, and it would prompt you with the statement “Windows needs your permission to continue” every time. So basically, it adds an extra click to the process of accessing this tool.
There is nothing inherently wrong with this approach, which has been used by other operating systems before. It’s not a new idea, and it’s not a bad idea. But the devil is in the details of how it’s implemented. As a Johnny-come-relatively-lately to the security bandwagon, Microsoft has embraced security principles fervently. What that means is that, if there’s even a small chance that opening a settings dialog box, starting up an applet, or running an installation program could present even a slight security risk, Windows Vista is going to prompt you with some sort of UAC dialog box asking for permission to proceed.
This is a short list of just a few of the processes that require confirmation to initiate:
— Opening Disk Defragmenter, System Restore, Task Scheduler or Windows Easy Transfer
— Adjusting font size, connecting to a Network Projector (opens two dialog boxes in succession) or accessing Remote settings
— Opening these control panels: Add Hardware, BitLocker, Device Manager, iSCSI Initiator, Parental Controls, Advanced System Settings, System
Protection or Remote Settings
Additionally, many processes that don’t prompt you at launch, such as Windows Defender, Windows Firewall, Ease of Access, Internet Options and a long list of others, do require your permission for specific settings. Taken one by one, most of the processes that are gated by UAC seem very reasonable. Microsoft rethought a great many restrictions that made little sense between Vista Beta 2 and RC1. But taken as a whole, UAC is going to seem like a burden to many users who are tired of Microsoft and other software makers protecting us from ourselves.
Proponents of UAC claim that after the first several days or weeks after Vista is first installed (or you receive it on a new PC), the experience of constantly being confronted with UAC dialogs slows down. But for some people, UAC numbness creeps in quickly. How long before they stop reading the prompts or considering what they mean and just click OK every time? It can quickly become muscle memory. The average Vista user will have little idea about the rationale behind UAC prompts. To that person, UAC may seem scary at first but quickly became a petty annoyance. How long before people realize they can turn off UAC in the User Account Control Panel?
This is the worst problem about UAC. Has Microsoft over-balanced it, and turned it into something that will actually defeat its purpose? There’s a very real possibility of that.
Finally, although file permissions problems related to UAC have been tweaked since RC2, people who install Vista in a dual-boot arrangement may find that some folders they created on their XP drives may not be accessible from Vista without complex file and folder security-permissions changes.
In particular, if you store user files (such as downloads, programs, or system drivers) in user-created folders hanging off your root directory — instead of placing them somewhere in the Windows-prescribed user folders, like Program Files or My Documents — you could find that the operating system will prevent you from opening files or folders. In the very late pre-release version of Vista tested for this story, the first indication that Microsoft may have reduced this problem was apparent. Because it was a seemingly random problem in earlier builds, it’s tough to say for sure. But hopefully, this problem has been rectified.
Microsoft has a long, sad history of getting networking wrong.
Until Windows Vista, that is. The new operating system represents a breakthrough when it comes to Windows and networking. For the first time, it’s easy to get a quick overview of your network at a glance, manage multiple wireless networks, make new network connections, set up file sharing and more.
At the center of all this is the Network and Sharing Center. It put the most important networking features into an integrated, simple-to-configure interface. Setting up file sharing, for example, was painful to do properly in Windows XP but is now a matter of a few mouse-clicks. And everything else is in easy reach as well, including connecting to a network, setting up a new network, managing your network connections, and diagnosing and repairing network problems.
One of Windows Vista’s best new networking tools is the Network Map. Click “View Full Map” from the Network and Sharing Center, and a live map is drawn of all the devices and PCs on your network. Hover over a device or click on it, and you’ll get more details about that device. Hover over a gateway, for example, and you’ll see its IP address and MAC address. Click a PC, and you’ll see the shared network files and folders on it.
However, if you have a network with PCs that have earlier versions of Windows on it (and who among us doesn’t?), you’re going to run into a few bumps. Windows Vista uses the new Link Layer Topology Discovery (LLTD) protocol, which speeds up discovering and displaying network devices, as well as allowing Windows Vista to grab information about them.
Earlier versions of Windows don’t include LLTD, and so you’ll notice networking support for them tends to be flaky. Sometimes they’ll show up on the Network Map, sometimes they won’t, and they appear and disappear at random times. Microsoft said that it will release an LLTD add-on for Windows XP PCs when Windows Vista ships, so that might solve the problem.
Wireless networking support has been significantly improved as well. Windows Vista is designed for a world that’s increasingly wireless, and in which many people connect to multiple networks, at home, at the office, and in public hotspots.
The connection screen not only lets you view all nearby wireless networks, but if you hover your mouse over one, you’ll see all of the network’s vital statistics, including the type of network (802.11b, 802.11g, and so on), whether security is being used, and if so, what kind.
When you first make a connection, you can name each new wireless connection and save it. Vista will then connect to that network automatically when you’re in range. Vista also saves security information about the network — whether it’s a public network or a private one — and changes your security settings to reflect that.
If you’re in range of two wireless networks that you’ve saved, you can configure your wireless connections so that one wireless connection takes precedence over another. Windows XP automatically connects to the strongest nearby network, which causes problems if the strongest network isn’t necessarily the one to which you wanted to connect. With Vista, you first have to accept a wireless connection as one of your permanent ones before it will connect automatically. That way, you’ll automatically connect to only the networks you want, even if more powerful ones are nearby.
Another nice touch: If you connect wirelessly as well as via Ethernet to the same network, Windows Vista automatically recognizes that it’s the same network. It will even include both adapters on a network map. And it will automatically use your Ethernet connection rather than your wireless connection to make use of Ethernet’s superior speed.
This isn’t to say that networking is perfect. The Sync Center, which can be used to synchronize network folders across a network, has an extremely confused interface. And overall, there are too many different links that all lead to the same location. But these are minor quibbles; overall, networking support is one of Windows Vista’s greatest strengths.
Windows Vista includes a raft of new features aimed at corporate IT departments. Here’s a rundown of some of the most significant improvements.
Expanded Group Policy settings (including USB device lockdown)
Group Policy support is built into Vista, and it comes with hundreds of new settings that can be used to configure limits and make the operating system better suited to specific corporate environments. Say no to USB memory sticks, for example, while allowing USB ports to be used for other things. There are also numerous new settings and limits for power management, wireless networking, printing, browsing and many other areas.
File-based imaging for installing and maintaining Vista
Vista comes with new Windows Imaging (WIM) technology, a hardware-independent system image file format that allows companies to maintain fewer desktop images. Microsoft’s compressed, modular approach allows variations, such as language options, to all be incorporated into one image. If a company requires multiple images — for instance, if more than one Vista edition is deployed — those images can be stored in a single WIM file to save space. IT pros can also make changes to the image offline, without starting up each desktop to create a new image.
Non-destructive image application for Windows upgrades
When performing an in-place upgrade from a previous version of Windows the new User State Migration Tool (USMT) allows you to keep user data and state/profile information on the user’s hard drive while you clean-install Vista, then apply the existing user data and settings to Vista. Whether you’re performing an in-place upgrade or migrating to a new PC, Vista’s built-in migration capabilities automatically import specified user files and settings from Windows 2000 or XP.
Windows Preinstall Environment (Windows PE)
Windows PE replaces MS-DOS as a pre-installation environment, and includes a variety of tools and features that make it easier to deploy Windows Vista. It’s built from Windows Vista components, and so can run graphically, and run many Vista applications. It allows for a highly automated deployment process, and can work in concert with WIM to help enterprises deploy Windows Vista. Under Windows XP, Windows PE was available only to Microsoft Software Assurance customers, but under Vista it’s available to all corporate customers.
Application Compatibility Toolkit (ACT) 5.0
One of the most difficult tasks for businesses is getting a handle on all their installed applications. Vista’s ACT 5.0 is designed to help organizations herd these cats with tools to identify installed applications, collect system information and pinpoint compatibility issues with User Account Control.
Improved trouble warning, diagnostics and recovery
Vista ties together several underlying technologies with software that, if it works as billed, could cut down on help-desk support issues. The operating system offers improved automatic recovery, diagnostics, a new recovery environment with a start-up repair tool and monitoring-notification systems that companies can configure to send an SOS to IT help desk operations before a drive fails or whenever a device driver is causing instability. The revised event log and task manager should help IT personnel diagnose problems more readily.
Address Space Layout Randomization (ASLR)
This cool techie security feature makes it more difficult for malicious code to locate and exploit system functions. When any system is rebooted, ASLR randomly assigns DLLs, EXEs and other executable images to one of 256 possible memory locations.
Network Access Protection (NAP) service
Network administrators will welcome the Network Access Protection service, which works in concert with Windows Longhorn Server, Vista and XP. It lets IT managers set security standards that all computers must meet before a server allows them to connect to a network, such as having up-to-date virus definitions. If a computer doesn’t meet the standards, the network connection is refused.
Simplified deployment of network security settings
Network administrators can deploy and manage security settings that combine Windows Firewall and Internet Protocol security (IPsec) using a single wizard-driven interface.
Native IPv6 support
Vista natively supports IPv6, the next generation version of Internet Protocol. IPv6 offers not only a larger networking address space, but other benefits as well, such as better network-layer security, support for multicasting, automatic configuration of hosts, and better support for Quality of Service (QoS). Today this doesn’t mean much. In the next few years, though, it will, because IPv6 will increasingly be used by corporations and government agencies.
BitLocker Drive Encryption
Enterprises that care about security will be pleased with the new BitLocker Drive Encryption, a hardware-based method of encrypting all data on a PC using the Advanced Encryption Standard (AES) with 128 or 256-bit keys. It’s primarily designed to be used with laptops, so that if one is stolen, the data on it will not be able to be read by a thief. Even startup and logon information is encrypted, so that the laptop won’t even be able to be started. Given that nearly every week a laptop is stolen or lost that contains private information, this will be welcomed by any corporations that have sensitive data. BitLocker is designed to be used in concert with hardware that conforms to the Trusted Platform Module (TPM), which uses an embedded microchip to store encryption keys. The hardware must include a version 1.2 or higher TPM and use a Trusted Computing Group (TCG)-compliant BIOS.
BitLocker can also be used with non-TPM hardware by using a USB flash drive to store an encryption key. In theory, that may be true. In our experience, though, it’s not that simple to do, and some users have reported problems with doing this. So enterprises should be forewarned to use BitLocker only on TPM-compatible hardware.
Reliability and performance
Windows XP and Windows 2000 both offered large reliability gains over the earlier Windows 9x/ME versions of the operating system. Windows performance, though — which includes startup and shutdown times, application-loading speed, and the crispness with which dialogs, menus, and applets run — has never increased appreciably. Microsoft has tried to claim performance enhancements with each successive new version, but in the real world, most of us have never seen them. In fact, you could make a case that Windows 98 was faster at some things (not startup times) than Windows 2000.
Microsoft is at it once again, claiming reliability and performance improvements for Vista. But it hasn’t offered much concrete evidence to support those claims. According to Jim Allchin, co-president of the Windows platform group, “there’s no question that Windows Vista is more reliable than any version of Windows ever shipped.” He emphasizes the extensive testing Microsoft did (and it did release far more public betas than for any previous version of Windows). Allchin also points to automated stress testing that he says is twice as rigorous as previous tests with earlier Windows development efforts.
The question is, do the millions of Windows users who have been through version after version buy this? For reviewers, the problem of assessing performance and reliability boils down to this: It takes six months of real-world use, installing and uninstalling applications, running Web apps — in short, living with the finished version of the new operating system — to really know the truth about whether Vista truly is faster. Don’t believe anyone who tells you they know otherwise. It’s the only test that matters.
What we can tell you is this: When Vista is installed on a machine that fully supports the Aero interface (check the video requirements on this Microsoft page), whether real or perceived, the operating system opens files, folders, menus and dialogs faster than its predecessors. Application loading performance seems improved (especially on subsequent opens in a session), if not instantaneous. Windows shutdown times (not Sleep) are also noticeably faster, but will that still be the case six months from now? Windows cold boot times don’t appear to be much improved at all.
Based on our empirical evidence derived through extensive usage of Vista through all the betas and technical previews up to the minute, we agree with Allchin. Since Windows Vista Beta 2, this version has been more stable than Windows 2000 and Windows XP, and at least as stable as the Windows Server 2003, whose core it is based on.
The one clear-cut performance improvement actually delivers reliability benefits too. Microsoft’s new Sleep functionality actually works on most PCs, and it works quickly. (See Power management for more about Sleep.)
Equally uncertain from testing so far is whether there’s any perceptible performance gain from two application-load hastening techniques, SuperFetch and ReadyBoost. SuperFetch is an upgrade to the pre-fetch capabilities of earlier versions of Windows. It keeps close tabs on the applications you use most frequently, and preloads them into memory. SuperFetch is date-aware, and is even able to differentiate between programs launched on weekdays or weekends. The goal is to speed up the start-up times for the applications you use most. ReadyBoost adds a memory store for SuperFetch by harnessing user-supplied USB 2.0 keys or other flash-based memory, such as CF or SD cards.
This pair of features may sound more cool than they are. To date, we’ve seen little noticeable difference through the use of these tools. But if you frequently launch AutoCAD or Photoshop, it might be a lot more noticeable.
We’ll have to wait and see what’s real and what’s marketing, but there’s at least a good chance that Microsoft will make good on some aspects of its performance and reliability claims for Vista. One of the bog-down points for performance is the Windows System Registry, which among other things, is edited by every application you install, making it susceptible to bloat and corruption.
Largely for security and application-compatibility reasons, Microsoft is introducing a Registry-virtualization technique that limits installing applications’ access to the Registry but fools them into thinking they have in fact edited the Registry. This feature was needed to support Vista’s new, better protected namespace (that is, the locations of systems and applications files and special folders). But this Registry-virtualization trick may also keep the Registry healthier over time.
Under the hood
In addition to more obvious changes, Vista includes a number of behind-the-scenes changes. Some are useful, others…not so much.
Microsoft’s new anti-piracy measure: SPP
One of the most controversial under-the-hood changes in Vista is its new anti-piracy system, called Software Protection Platform (SPP). In a nutshell, if the system thinks your copy of Vista isn’t valid, it sends numerous warnings and gives you a grace period to resolve the problem. At the end of the grace period, your machine goes into reduced functionality mode (RFM), in which everything except your Web browser is disabled. For the full details on what SPP is and how it affects your system, see The Skinny on Windows SPP.
Our take on SPP: Microsoft doesn’t really care that some percentage of the people whose Windows installations SPP convicts of being pirated or tampered with might be false positives. Those people have absolutely no recourse but to call Microsoft’s WPA support number, and they might not get a sympathetic ear. We all know software is imperfect. Yet Microsoft’s policy does not allow for how to handle that imperfection.
A much wider group of people who are stung by SPP may well, in fact, have pirated copies of Windows without having any idea that they do. Three common scenarios include buying Vista from an unscrupulous online retailer, buying it from a small OEM PC maker who is reusing licenses, and bringing your Vista machine to a repair shop that reinstalls Windows Vista with its product ID, not your product ID. Again, there’s no leniency to the end user in these scenarios. You may hold a valid product ID for your copy of Windows, but you will need to be able to figure this out on your own. And in most of these scenarios, the product ID you hold may in fact be pirated. You’ve purchased Vista in good faith — and Microsoft is going after you, not the person who did the pirating.
From Microsoft’s point of view, hitting up the end user will squeeze out the pirates — and it will educate Vista consumers to be more careful who they buy from. But is the bad will this will generate from customers less important than the additional revenue Microsoft will gain? Would Microsoft be willing to take this step if it had true competition on end-user PCs? Power management
Microsoft has revamped power management in Windows Vista. Microsoft claims that Vista’s new Sleep mode combines the fast resume rate of Windows XP’s Standby mode with the data protection and low-power consumption of XP’s Hibernate mode. As Hibernate did, it stores the contents of system memory to the hard disk, and also maintains the memory state for a period of time and then automatically progresses to hibernate when the battery charge or settings dictate.
Microsoft calls this transition to hibernation Hybrid Sleep. By leaving the system memory up at least for the short run, Sleep facilitates a much faster resume behavior — it comes back on almost instantly, in about one second. Unfortunately, Hybrid Sleep is turned off and Hibernate is set to turn on after only 18 hours in all power plans on laptops. That means your battery charge will be eaten up more quickly than you would expect.
TIP: You can change the defaults for Hybrid Sleep and Hibernate to extend the battery life of your laptop. Click the power icon, then select “More power options” > “Change when the computer sleeps” > “Change advanced power settings.” In the Sleep section, choose your settings for “Allow hybrid sleep” and “Hibernate after.”
Under the hood, there’s a good deal new with storage. Vista’s new file system, Transactional NTFS, preserves data integrity and stops file corruption, even if an application crashes while saving data. Vista’s native support of hybrid hard disk drives (H-HDDs), which Microsoft calls ReadyDrive, won’t pay immediate benefits, but ultimately will be welcomed by laptop owners, if Microsoft is to be believed. The hybrid drives will make startup faster and speed up resuming from hibernation, and ReadyDrive will minimize the amount of time a hybrid drive will spin, claims Microsoft. This should save battery use and extend hard disk life.
It’s not as clear if other new storage features, such as I/O prioritization and Volume Shrink, will pay any benefits, though. See Five things you’ll love about Vista’s storage for more information.
Boot configuration data
One of the many little-known changes in Vista is an overhaul to multiple-operating-system boot options.
For quite some time now, Windows has been able to automatically configure multiple-boot options automatically when you install successive versions of the operating system into new volumes on a single computer. So you might conceivably install Windows 98 on drive C:, Windows 2000 on drive D:, and Windows XP on drive E:. When you do that, a character-based menu opens up at boot time that lets you choose which operating system you want to run. There’s also a settings tool in these versions of Windows that lets you choose the default OS to boot and some other mostly cosmetic controls for the boot menu.
Prior to Vista, this boot information was stored in a simple text file called boot.ini. Vista changes all that. Although the end result works the same way, Windows Vista stores boot information in a more secure Boot Configuration Data (BCD) store, which better supports Extensible Firmware Interface (EFI) system setup data. For more detailed technical information about BCD, see Microsoft’s Boot Configuration Data Editor Frequently Asked Questions.)
Within System properties in Vista, on the Startup and Recovery dialog box (just like XP and some previous versions of Windows), there are basic controls for selecting the default operating system. But it’s important to note that the Vista BCD supersedes XP’s Bootmgr and boot.ini file. You can’t control the way Vista boots from boot.ini. If, for example, you set Windows XP to boot to Vista by default, and then you delete your Windows Vista partition, you can wind up in a Catch-22 situation. Why? Because Vista stores the BCD data in a folder called “boot” installed into the root directory of your system drive. BCD will continue trying to load Vista, and it may or may not let you access XP or other earlier Windows installations at all.
So how do you edit BCD? There’s a command-line utility in Vista called BCDEdit.exe that does this. BCD is a lot more powerful than XP’s Bootmgr, so there are many other things you can do with it. But BCDEdit is difficult to figure out and use. And the rules that manage boot data in the BCD are more complex than you’d expect.
As part of the technical beta tester efforts, a free utility was developed called VistaBootPro, which provides a graphical interface for managing the BCD store. It’s much easier to use than the command-line editor.
But people who frequently install Vista into an additional partition still need some help when they’re removing Vista from a partition. The problem is the BCD’s boot directory on the system drive. It’s protected by aggressive file and folder permissions that prevent it from being stripped of security protections. Deleting this folder can be a distinct problem. If you understand Vista’s file permissions, there is an involved way to “take ownership” of Vista’s boot folder and then delete it. VistaBootPro performed this magic in earlier versions, but that functionality is missing beginning with its 3.1 version.
TIP: But there is an easy way to solve the problem. On the Vista install DVD there’s a folder called Boot containing a file called bootsect.exe. Using Command Prompt, navigate to that directory and type this command for detailed information about how to use this tool: bootsect /help
In tests performed with Windows XP (installed on drive C:) and Windows Vista, this command loosened the file permissions on the BCD boot folder:
bootsect /nt52 c:
(Note: Replace “c:” with the letter of the drive that the boot folder was installed on.)
After running this command, you should be able to select and delete the BCD boot folder in Windows Explorer.
Those who pay close attention to the file system will at first be confused by the new namespace. Remember the Documents and Settings folder in previous versions of Windows? It’s gone, replaced with the Users, which serves a similar purpose, so that your files by default are stored in \Users\username, instead of \Documents and Settings\username. To confuse you even more, there appears to be a Documents and Settings folder in Vista, but in fact, it doesn’t exist — it’s essentially an alias to Users so that programs that expect to see Documents and Settings will still work properly.
Microsoft has also gone halfway toward eliminating file menus throughout Windows Vista, and this inconsistency can be disconcerting. Menus are gone in Windows Explorer, Internet Explorer, and Windows Photo Gallery, for example, but are still there in Windows Mail, Windows Calendar, Notepad, WordPad, and a variety of other applications.
TIP: You can turn file menus back on by pressing the Alt key, and then make them disappear again by pressing Alt.
Windows Media Center has been updated, and can be used not only on a PC, but also on devices that Microsoft calls Media Center Extenders, such as the Xbox 360. Vista supports up to five Media Center Extenders on a single PC, allowing multiple devices on a home network to access Windows Media Center.
Tablet PC support has been beefed up in Windows Vista as well. A big plus is that you can now train handwriting recognition to improve its accuracy, and there’s more visual feedback than previously.
A new installation process will be welcomed by upgraders. Installation hasn’t necessarily been sped up, but it has been made easier. Vista uses image-based installation, and the process is designed to run mostly unattended. So after answering a few questions, you get it started and can then walk away while installation proceeds.
The bottom line
Editor’s Note: Our two reviewers wish to express their final opinions on Windows Vista individually.
What’s the verdict on Windows Vista? Let’s start off with the most obvious change, its interface. The slick new look is more than just eye-candy; touches like live thumbnails, Flip 3D, and gadgets make you more productive as well. There’s no longer a need for Windows users to have Mac envy. And beyond that, it’s just plain fun.
But there’s a lot more to Vista than the most obvious interface changes — consider the benefits of much-improved networking and better security, for example. RSS support in both Internet Explorer and gadgets finally make RSS an integral part of the computing experience. And the new search feature, despite its problems, makes it far easier to find information whenever you need it.
Are there problems with Windows Vista? Of course there are. UAC is a mess, for example, and some built-in applications, such as backup and Windows Meeting Space, are little more than a waste of hard disk space. But forget the wouldas, shouldas, and couldas. Windows Vista is a far better operating system than Windows XP. For me, the decision isn’t even close; I’m making the switch.
I’m so unsure that I like Vista’s trade-offs, like UAC and SPP, that I’m giving the Mac equal opportunity to become my next OS. I will be living with Vista on my main Windows production machine too. But Microsoft’s willingness to frustrate Vista users with a few of its security mechanisms, along with its corporate obsession with anti-piracy, have left a bad taste in my mouth. It’s time to consider the alternatives. The rise of more or less multiplatform enterprise Web applications transforms the landscape. The Mac and Linux are a lot more realistic alternatives than they once were.
Is Vista an excellent version of Windows? Yes. It’s better than XP. A lot of great thinking and work went into it. I love the video subsystem. I’m impressed by many of the security features. There are many small touches that show that Microsoft is thinking about improving the user experience and elevating the intelligence of the platform. But while Microsoft may have a death grip on what we used to call the desktop, it doesn’t own servers, software-as-a-service, Web apps, or the Web browser. Things are changing. It’s not enough to build a better version of Windows anymore.