Jump to content

Criticism of Windows Vista

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Zubenzenubi (talk | contribs) at 00:01, 24 April 2007 (rv to reflect reality). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Part of a series of articles on
Windows Vista
New features
Siblings

Windows Vista, the latest version of Microsoft's desktop operating system, has been the target of a number of negative assessments by various groups. Criticisms of Windows Vista have included concerns about the security implications of the large amounts of new code, the inclusion of a number of new Digital Rights Management technologies aimed at restricting the copying of digital media,[1] and the usability of the new User Account Control security technology. Security software companies like McAfee and Symantec have also lodged complaints that Microsoft has implemented new security measures that prevent their software from being able to access certain parts of the operating system. Additionally, reviewers have noted similarities between the Vista interface and that of Apple's Mac OS X operating system. Concerns have also been raised about many PCs not meeting "Vista Premium Ready" hardware requirements.

Security

In a July 2006 report,[2] security software vendor (and recently a competitor to Microsoft's OneCare) Symantec's Advanced Threat Research Team said that the large amount of new and untested code in Vista, especially the new implementation of the network stack, could cause instability and new security flaws.[3] The report claims that "Microsoft has removed a large body of tried and tested code and replaced it with freshly written code, complete with new corner cases and defects". Microsoft responded that they "believe the claims are […] unsubstantiated", and Symantec admits that all of the bugs it found were fixed by the time Beta 2 was released, but adds that "While it is reassuring that Microsoft is finding and fixing these defects, we expect that vulnerabilities will continue to be discovered for some time. A networking stack is a complex piece of software that takes many years to mature." IPv6 tunnelling and peer-to-peer collaboration technologies were identified as additional potential problem areas. Firewall maker Agnitum and others have argued that the Kernel Patch Protection feature (also known as "Patchguard") for the 64-bit version can be circumvented by hackers and that some security software makers must use similar methods.[4][5] McAfee has further claimed that Vista will actually be less secure than previous versions of Windows.[6][7]

According to CNET News.com some critics are unenthusiastic about the Vista security features, because they believe it "offers mostly basic protection and is not the best of its class."[8]

There is no doubt that Vista will be Microsoft's most secure operating system. However, most secure is not equivalent to secure.

— Natalie Lambert, analyst, Forrester

Copy protection

Although Microsoft has gone through great lengths (i.e. Windows Genuine Advantage and mandatory product activation) to prevent unauthorised copying of Vista, some users have cracked the system already.[9] This has enabled these users to install Vista on their systems without a valid license. Some unauthorized use was available early, by using a hacked variety of beta-version activation files;[9] and, product-activation has been bypassed, totally, using versions of Vista created for OEM pre-installed systems (which didn't request product keys).[9] However, Microsoft allows legal trial copies of Vista for a 30-day period, with extensions up to 90 days for transition to purchased copies, which is automatically used when no product key is entered during installation. People have even bought upgrade media for the free trial so they can upgrade from it.

Digital Rights Management

Another common criticism concerns the integration of new forms of Digital Rights Management into the operating system, specifically the Protected Video Path (PVP), which involves technologies such as High-bandwidth Digital Content Protection (HDCP) and the Image Constraint Token (ICT). These features have been added to Vista due to an agreement between Microsoft and major Hollywood studios.[10] Microsoft claims that movie studios and other providers of "premium content" will only allow their data to be played back on PCs if sufficient protection is granted. This will concern, among other things, play-back of protected content on HD-DVD and Blu-ray discs.

In essence, the Protected Video Path mandates that encryption must be used whenever content marked as "protected" will travel over a link where it might be intercepted. This is called a User-Accessible Bus (UAB). Additionally, all devices that come into contact with premium content (such as graphics cards) have to be certified by Microsoft.[10] Before playback starts, all the devices involved are checked using a Hardware Functionality Scan (HFS) to verify if they are genuine and have not been tampered with. Devices are required to switch off or artificially degrade the quality of any signal outputs that are not protected by HDCP. Additionally, Microsoft maintains a global revocation list for devices that have been compromised. This list is distributed to PCs over the Internet using normal update mechanisms. The only effect on a revoked driver's functionality is that high-level protected content won't play — all other functionality, including low-definition playback, is retained.[10][11]

Detractors

Peter Gutmann, a computer security expert from the University of Auckland, New Zealand, has released a whitepaper[12] in which he raises the following concerns against these mechanisms:

  • Adding encryption facilities to devices makes them more expensive, a cost that is passed on to the user.
  • If outputs are not deemed sufficiently protected by the media industry, then even very expensive equipment can be required to be switched off (for example, S/PDIF-based, high-end audio cards).
  • Some newer high-definition monitors are not HDCP-enabled, even though the manufacturer may claim otherwise.
  • The added complexity makes systems less reliable. Gutmann cites anonymous sources from within Microsoft who, as he says, "are quite distressed about having to spend time implementing large amounts of anti-functionality when it's already hard enough to get things running smoothly without the intentional crippling."
  • Since non-protected media are not subject to the new restrictions, users may be encouraged to remove the protection in order to view them without restrictions, thus defeating the content protection scheme's initial purpose.
  • Protection mechanisms, such as disabling or degrading outputs, may be triggered erroneously or maliciously, allowing denial-of-service attacks.
  • Revoking the driver of a device that is in wide use is such a drastic measure that Gutmann doubts Microsoft will ever actually do this. On the other hand, they may be forced to do it because of their legal obligations to the movie studios.

Steve Gibson of Gibson Research Corporation has stated during his Security Now! show that he agrees with Peter Gutmann in principle and that what he proposes is a factually accurate description of what is found in the specification from Microsoft.[13]

The Free Software Foundation is leading a campaign called "Bad Vista" against Vista on these grounds, as well as because it is an example of prominent proprietary software.[14]

Supporters

Microsoft has published a blog entry with "Twenty Questions (and Answers)" on Windows Vista Content Protection, intending to refute some of Gutmann's arguments.[15]

Paul Smith, a Microsoft MVP and beta-tester, has written a response to Gutmann's paper in which he counters some of his arguments.[16] Specifically, he says:

  • Microsoft is not to blame for these measures. The company has been forced to do this by the movie studios.
  • The Protected Video Path will not actually be used for quite a while. There is said to be an agreement between Microsoft and Sony that Blu-Ray discs will not actually mandate protection until at least 2010, possibly even 2012.[17]
  • Vista does not degrade or refuse to play any existing media, CDs or DVDs. The protected data paths are only activated if protected content requires it.
  • Users of other operating systems such as Linux or Mac OS X will not have official access to this kind of premium content at all, however it is likely that software will be eventually engineered to facilitate viewing on these operating systems without restrictions and without asking permission from the movie industry.

User Account Control

The new User Account Control (UAC) security technology also causes concern among reviewers. While Yankee Group analyst Andrew Jaquith believes that critical security vulnerabilities may be "reduced by as much as 80 percent", he also noted that "while the new security system shows promise, it is far too chatty and annoying".[18] Veteran Microsoft reporter Paul Thurrott, although initially in agreement with this claim,[19] appears to have retracted those comments, claiming in his Windows Vista Beta 2 review, that UAC had been "completely overhauled" and is "less annoying." He nevertheless acknowledges that Microsoft is "still struggling to find a balance between security and annoyance."[20] Security company Kaspersky Lab claimed that Vista with UAC disabled is less safe than Windows XP with Service Pack 2. Microsoft responded by saying, "We have a thriving community of partners, and Kasperky is one of our best partners... I find their statements a little strange because they have one of the best insights into Microsoft security products."[21]

Similarities with Mac OS X

Another criticism is a claim by some that Windows Vista emulates specific features in Apple's Mac OS X. Scott Spanbauer of PCWorld jokes about a perceived "striking similarity" between Vista's Aero visual effects, icon design, buttons and those of Mac OS X's Aqua.[22] Paul Thurrott of WindowsITPro made similar comments in his review of build 5308, while also suggesting that some of the new applications "appear to be directly, ahem, influenced by similar applications in OS X."[19] John Rizzo of eWeek has noted that Vista is incorporating features which OS X has had for some time, such as fast searching and Smart Folders functionality.[23] This has led some to perceive that Aero is an imitation of Aqua.[24] Apple was keen to highlight the similarities during the keynote presentation at the Worldwide Developers Conference in August 2006, with Bertrand Serlet showing screenshots of Vista and OS X side-by-side.[25][26][27] However, many features including the Windows Sidebar and Search features were included and/or introduced in early alpha versions of Vista before Apple released the features in Mac OS 10.4.[28][29] Both Vista's Sidebar and Mac OS X's Dashboard share similarities with Konfabulator (now owned by Yahoo). The application is still available from Yahoo under the name Yahoo! Widget Engine.

Software compatibility

Game compatibility

Since Vista has implemented DirectX 10 there are significant compatibility problems with pre-Vista games that run on DirectX 9 or older, even though Vista does have DirectX 9.0L for backward compatibility. See List of Microsoft Vista game compatibility for known game issues.[30]

Other software compatibility

Significant problems have surfaced with other software running under Vista. Many programs, such as Nero and Symantec's and other's virus scanning programs[31] require new versions. Many Adobe programs require new versions.[32] Problems have also been shown with many peripherals, including mobile phone synchronising software. There are also compatibility issues with some host-based printing programs under Vista.[33][34] Any version other than the newest, QuickBooks 2007, of widely used accounting software Quickbooks is not compatible with Vista.

Hardware requirements

Considerable speculation and questions about the hardware required to run Vista were eventually dispelled when Microsoft revealed its own requirements and recommendations in March 2006.[35] However, controversy and concerns have arisen over how the increase in hardware specifications required to take advantage of many of Vista's new features may impact both personal and business users.[36] Elizabeth Judge of The Times stated that “the system’s full range of tools would be available to less than 5 per cent of Britain’s PC market” and that it “would run in full only on super-advanced PCs”. This has raised concerns that users wanting to enjoy the full experience would be forced to buy expensive new equipment, even though the minimum hardware specifications for Vista indicate that it will run on most PCs sold over the last three years. A Microsoft spokeswoman countered these claims by denying that current PC users would be unable to use Vista, stating, “A recent analyst report states that nearly all PCs on the market today will run Windows Vista.”[37] While most PCs purchased over the last three years will be able to meet Vista’s minimum “Windows Vista Capable” requirements, many laptops and low-end to midrange desktops with integrated graphics will not be able to meet “Windows Vista Premium Ready” requirements and will therefore not be able to run advanced features such as the Aero Glass interface.[38]

OEM Disquiet

The steep ramp-up of the hardware specification to effectively run Windows Vista has caused disquiet to some PC makers. DELL is again in April 2007, some three months after switching over to Vista, offering Windows XP on some of its' systems, following on complaints and criticisms from purchasers of Dell entry level systems. [39].
Vista has also been compared to the ill fated millenium edition WindowsME and has been named in the press[40] as ME II

Removal of features

Microsoft has also been criticized for removing some heavily discussed features such as Next-Generation Secure Computing Base in May 2004, WinFS in August 2004, Windows PowerShell in August 2005 (though this was released separately from Vista prior to its release), SecurID Support in May 2006, PC-to-PC Synchronization in June 2006.[41] The initial "three pillars" in Vista were all radically altered to reach a release date.[42]

Anti-trust controversy in Europe

The European Union Competition Commission has raised questions with Microsoft about Vista concerning compliance with EU rules intended to allow competition between security providers on the merits of their products. Commission spokesman Jonathan Todd stated, "If business and home users are deprived of choice, a security monoculture based on Microsoft products may lead to less innovation and could harm all computer users. Security risks could increase, and not decrease." Todd also stated that, "it is Microsoft's responsibility as a 'near monopolist' to abide by EU competition rules—in particular, those that prohibit abuse of a dominant market position." Microsoft Chief Executive Officer Steve Ballmer met with EU Competition Commissioner Neelie Kroes in August 2006 to discuss EU concerns. Responding to EU concerns, Jack Evans, a Microsoft spokesman, stated, "We still have not received the guidance we're seeking. In July, we received a formal list of questions, but no answers about what specific concerns the Commission has, or how we should address them." Evans went on to state "The bottom line is that we want to launch Vista in a fully lawful manner, and we want to avoid regulatory decisions that could increase security risks for European consumers. Despite speculation to the contary,[43] the antitrust concerns did not delay the release of Vista in Europe.
This does not seem to imply that the European Commission is satisfied with Microsoft. In April 2007, European Union antitrust chief Neelie Kroes described Microsoft's failure to address antitrust matters in a timely fashion:
"We have never, ever before encountered a company that has refused to comply with commission decisions," Kroes said, referring to Microsoft. "We learned we may have to look for a more effective remedy. We will continue to take up our responsibilities, I can assure you."
[44]

Pricing

Microsoft's pricing of Vista has been criticized by many as too expensive. A majority of users in a poll said that the prices of various Windows Vista editions posted on the Microsoft Canada website in August 2006 make the product too expensive.[45]

The differences in pricing from one country to another are also striking, especially considering that copies of Vista can be ordered and shipped worldwide from the US saving between US$42 and US$314. In many cases, this price differential is significantly greater than was the case for Windows XP.[46] At the current exchange rate, UK consumers could be paying almost double their US counterparts for the same software.[47]

Microsoft has come under fire from British consumers about the price it is charging for Vista, the latest version of Windows. British (and French) customers will pay double the US price. The upgrade from Windows XP to Vista Home Basic will cost £100, while American users will pay only £51 ($100).[48]

— Computer Active

Online forums at Microsoft attracted many complaints regarding the pricing, one correspondent calling for a boycott of the product until pricing was set fairly.[49] When asked why British consumers should have to pay more for Vista, Bill Gates blamed exchange rates.[50]

If Microsoft has been tracking exchange rates, it clearly has not looked at them for a while because the pound has been pushing towards the $2 level for months. Yet an upgrade for the Home Basic edition of Vista costs $99.95 (about £52) in the US, compared with £85 ex Vat in Britain; if you factor in Vat, it costs around twice as much here.

— Computer Active

Pricing of OEM v's Retail editions

OEM editions are supplied to larger PC and Notebook manufacturers in bulk at large discount compared with the prices charged for the retail and upgrade editions. While the prices charged by Microsoft to manufacturers are not publicised[51] they are believed to be a small fraction of the prices charged to those buying retail versions.[52] Although retail editions offer technical support, license transfers to a different computer system and other benefits, it is claimed that the alleged overcharging for retail editions encourages software piracy.[53]


See also

References

  1. ^ Sullivan, John (March 6 2007). "What's wrong with Microsoft Windows Vista?". Bad Vista. Retrieved 2007-03-24. {{cite web}}: Check date values in: |date= (help)
  2. ^ Friedrichs, Oliver (2006-07-18). "Windows Vista: Network Attack Surface Analysis". Symantec Security Response Weblog. Symantec. Retrieved 2006-08-13.
  3. ^ Evers, Joris (2006-07-18). "Symantec sees an Achilles' heel in Vista". CNet News.com. Retrieved 2006-08-13.{{cite web}}: CS1 maint: year (link)
  4. ^ "Agnitum analyzes latest Microsoft security initiatives". Agnitum. 2006-07-26. Retrieved 2006-08-09.
  5. ^ Evers, Joris (2006-08-10). "Windows defense handcuffs good guys". CNET News.com. Retrieved 2006-08-13.
  6. ^ Samenuk, George (2006-09-28). "Microsoft Increasing Security Risk with Vista" (PDF). Retrieved 2006-11-29.
  7. ^ Montalbano, Elizabeth (2006-10-06). "McAfee Cries Foul over Vista Security Features". PC World India. Retrieved 2006-11-29.
  8. ^ Evers, Joris (2007-01-17). "Security tools ready for Vista launch". CNET News.com. Retrieved 2007-01-20. {{cite web}}: Cite has empty unknown parameter: |1= (help)
  9. ^ a b c "It's official: Pirates crack Vista at last" (news), APC Magazine, March 4, 2007, webpage: APC-VOEM.
  10. ^ a b c Marsh, Dave (2005-04-27). "Output Content Protection and Windows Vista". Microsoft. Retrieved 2007-01-08.
  11. ^ Marsh, Dave (2007-01-20). "Windows Vista Content Protection - Twenty Questions (and Answers)".
  12. ^ Gutmann, Peter (2007-01-27). "A Cost Analysis of Windows Vista Content Protection". Retrieved 2007-01-27. {{cite web}}: Check date values in: |date= (help) Also available: PDF version
  13. ^ Gibson, Steve (2007-01-17). "Steve Gibson & Peter Gutmann on Vista DRM". Retrieved 2007-01-17.
  14. ^ "BadVista.org". Free Software Foundation. Retrieved 2007-01-09.
  15. ^ Nick White and Dave Marsh (2007-01-20). "Windows Vista Content Protection - Twenty Questions (and Answers)". Retrieved 2007-01-22.
  16. ^ Smith, Paul (2006-12-31). "Windows Vista DRM nonsense". Retrieved 2007-01-03. {{cite web}}: Check date values in: |date= (help)
  17. ^ Fisher, Ken (2006-05-21). "Hollywood reportedly in agreement to delay forced quality downgrades for Blu-ray, HD DVD".
  18. ^ Joris Evers (May 2006). "Report: Vista to hit anti-spyware, firewall markets". PC World.{{cite web}}: CS1 maint: year (link)
  19. ^ a b Thurrott, Paul (2006-04-19). "Windows Vista February 2006 CTP (Build 5308/5342) Review, Part 5: Where Vista Fails". SuperSite for Windows. Retrieved 2006-05-19. Cite error: The named reference "thurrott5308" was defined multiple times with different content (see the help page).
  20. ^ Thurrott, Paul (2006-05-20). "Windows Vista Beta 2 Review: Part 1: The Big Picture". SuperSite for Windows. Retrieved 2006-05-24.
  21. ^ Tom Espiner (2007-03-19). "Microsoft partner: Vista less secure than XP". ZDnet Australia. Retrieved 2007-03-20.
  22. ^ Spanbauer, Scott (2006). "Windows Hacks: Vista Comes Into View". PCWorld. Retrieved 2006-05-08. {{cite web}}: Unknown parameter |month= ignored (help)
  23. ^ Rizzo, Juan (2005-07-31). "Apple's Tiger vs. Windows Vista: Who Comes Out Ahead?". eWeek. Retrieved 2006-05-08.
  24. ^ "Windows Vista resembles OS X". MacNN. 2006-03-09. Retrieved 2006-05-08.
  25. ^ "WWDC 2006 Keynote transcript". macrumors.com. 2006-08-07. Retrieved 2006-08-08.
  26. ^ "Apple takes shots at Vista". Cnet news.com. 2006-08-10. Retrieved 2006-09-01.
  27. ^ "Video of WWDC". YouTube. 2006-09-17. Retrieved 2006-09-21.
  28. ^ Thurrott, Paul (2002-11-13). ""Longhorn" Alpha Preview". Paul Thurrott. Retrieved 2007-01-15.
  29. ^ ""Longhorn" Concept Video". YouTube. 2003. Retrieved 2007-02-04.
  30. ^ theinquirer.net: DirectX 9.0 L works on Vista only
  31. ^ www.symantec.com Vista Compatibility
  32. ^ www.adobe.com Vista support in Adobe products
  33. ^ www.hp.com General compatibility with Vista
  34. ^ www.hp.com Specific example of lack of compatibility with Vista
  35. ^ Thurrott, Paul (2006-03-29). "Finally, Microsoft Releases Windows Vista Hardware Requirements". WinSuperSite.com. Retrieved 2006-08-15.
  36. ^ Wagner, Mitch (2006-03-01). "Microsoft Will Stumble On Windows Vista And Office 2007". Informationweek.com. Retrieved 2006-08-16.
  37. ^ Judge, Elizabeth (2006-05-20). "Windows revamp 'too advanced for most PCs'". The Times. Retrieved 2006-08-15.
  38. ^ Spooner, John G. (2005-08-05). "Will Your PC Run Windows Vista?". eweek.com. Retrieved 2006-08-15. {{cite web}}: Unknown parameter |coatuhors= ignored (help)CS1 maint: year (link)
  39. ^ "Dell brings back XP on home systems"
  40. ^ [1]
  41. ^ "What's been yanked from Vista, and when". Techweb. 2006-06-27. Retrieved 2007-01-29.
  42. ^ zdnetasia.com
  43. ^ Evers , Joris (2006-09-18). "Vista's European battleground". CNET News.com. Retrieved 2006-09-19. {{cite web}}: line feed character in |last= at position 6 (help)
  44. ^ Microsoft Recalcitrance Causing EU to Reconsider How it Metes out Punishment
  45. ^ Beer, Stan (2006-08-30). "Windows Vista too expensive says users". ITWire.com. Retrieved 2006-10-19.
  46. ^ Warne, Dan (2007-01-22). "Is Vista's Australian pricing a rip-off?". apcmag.com. Retrieved 2007-01-23.
  47. ^ "Vista comes to rip-off Britain". The Inquirer. 2007-01-23. Retrieved 2007-01-24.
  48. ^ "Microsoft vilified over price of Vista". VNU Business Publications. 2007. Retrieved 2007-01-23. {{cite web}}: Unknown parameter |month= ignored (help)
  49. ^ "Gates cornered on UK Vista pricing". VNU Business Publications. 2007. Retrieved 2007-01-23. {{cite web}}: Unknown parameter |month= ignored (help)
  50. ^ BBC Technology News - Interview with Bill Gates (RealPlayer).
  51. ^ arstechnica.com
  52. ^ blogs.zdnet.com
  53. ^ blogs.zdnet.com
Retrieved from "https://en.wikipedia.org/w/index.php?title=Criticism_of_Windows_Vista&oldid=125339777"