Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.


# Monday, March 17, 2008
Monday, March 17, 2008 2:37:54 PM (Pacific Standard Time, UTC-08:00) ( Intresting | Microsoft | Software - Religious | Tech )

I really enjoy Joel's writing. He does a nice job explaining the state of affairs: Martian Headsets - Joel on Software

# Thursday, January 31, 2008
Thursday, January 31, 2008 12:20:52 PM (Pacific Standard Time, UTC-08:00) ( Microsoft | Software - Technical | Vista )

Why is it that people believe that every release of Windows is entirely new code? I've never seen anyone from Microsoft ever claim any such thing, but every release I see people talking about the claim. Having said that, in every OS release almost every component gets touched if just to fix potential security vulnerabilities found by automated tools. That's the advantage of a full OS release, you get the most complete testing cycle Microsoft can manage (internally and externally). Let's see if I can introduce a lexicon for people to talk about OS release changes. Here are some categories to count and measure:

  1. Absolute Development Time - Each release only has so many developer resources for a period of time, so even if it's just cleaning up almost invisible implementation issues, or major new features, there is an absolute amount of effort put in to each OS release. While people talk about Vista in terms of 5 years since XP, the reality is that most of the Windows organization for a bunch of that time was focused on the first and especially the second XP service pack.
  2. Subsystem Replacements - Instead of incremental changes to a couple components, this implies major rewrites and replacements. Windows ME to XP involved replacing the Windows 9x OS with the Windows 2000/NT codebase, especially at the lower levels of the OS. Much of that code had been shipped and tested as Windows NT and Windows 2000, so for the development team this was incremental work, but for the consumer OS customers it was a new code base with all the pain involved. IIRC a decent amount of Windows ME was getting the driver ecosystem compatible with the Windows 2000 codebase so that Windows XP wouldn't be as painful of a switchover. (There is a lesson here: you've got to ship an OS which will get a negative reputation to move the market whenever making major changes that affect drivers; 64bit Vista is playing that role right now for future 64bit Windows OS versions.) In Vista, there were at least three major subsystem replacements: the video, audio and networking stacks each got rewrite/replacement level changes. The primary motivation for a subsystem replacement is to provide a better foundation for new features, but it often pulls in a couple of new features itself (like IPv6 getting all the features the IPv4 stack had). This type of change is the most exciting and also the most likely to break existing drivers and applications.
  3. Architectural Rewiring - This is where we restructure existing code for modularity and potentially new release possibilities. Server Core and MinWin fall into this category of changes. To the upper layers of the OS (applications) it looks like nothing has changed, but you now have the ability to more easily release a super stripped down version of the OS, or let different parts of the OS evolve independently. One of the sins of Windows was the circular dependencies between some components, and we are in the middle of multi-release work to clean it up. A focus of Vista was to map out the system and put in controls to make sure we never introduce more. As an OS geek, this is exciting stuff; as an OS user, this is something that is sucking up development dollars without apparent effect.
  4. UI Changes - For a user of the OS this is what they typically use to judge how much an OS has changed. Sometimes this implies a lot of work, sometimes this isn't so much work. Because of the attention, every product typically has some UI change for the sake of change alone, and that change is usually one of the most protected secrets about the OS. There is a balancing act between holding these changes secret and testing the OS as a final product. Often an ugly theme that utilizes the same features as the final theme/UI is introduced to help mitigate the risk. (Therefore pre-release builds shouldn't be judged on aesthetics.)
  5. New Features/Components - These are the functional improvements in the products. I think people have a pretty good grasp of this type of change.
  6. Changing Defaults - Relatively simple code/setting changes might make drastic changes to the user experience. Turning off old protocols, making new users non admin by default, etc.
  7. Bake Time/Cleanup - This is the relatively boring but critical process of fixing bugs, incremental performance tuning and just general "make things better" that takes up the majority of a development cycle and extends post release into service packs and the next release. It's healthy to occasionally have a release where the majority of it is in this category, specifically targeting the things that were too risky for a service pack but aren't really new features. Unfortunately this type of change tends to not sell new copies of the OS. This type of next release time is getting institutionalized at Microsoft in the form of a Quality Milestone done during product planning when the development team doesn't have much to do yet.
  8. Platform development - This is the type of work done that might be in the OS, but doesn't really have any exposure or use until a corresponding server release, or other product, takes advantage of it. For example: Windows XP had a feature for restoring automatic backups of previous file versions that only showed up when attached to a server that supported it. Vista (and XP via a separate download) has amazing new GUI support for applications called the Windows Presentation Foundation, but nothing in the OS itself takes advantage of it. It usually takes a while before we see application developers get used to the new libraries and choose to develop for them (normally a developer doesn't want to develop for an OS version that users aren't using in bulk).

Looking forward, we already know that some Architectural Rewiring is happening in the next Windows release with MinWin, and with such major Subsystem Replacements in Vista and the compressed schedule for the next release, I can't imagine too many Subsystem Replacements happening, but I guess we'll have to wait and see.

# Friday, November 02, 2007
Friday, November 02, 2007 2:00:49 PM (Pacific Standard Time, UTC-08:00) ( Microsoft | Software - Religious )

Since the launch of Vista, I've simply been amazed at the frequency and severity of criticism Vista has received. I humbly accept the places where the complaints make sense to me (Performance/Compatibility; and in many cases I grok the reason compatibility was broken), but much of it, like the DRM hype, is just astonishing to watch. Worse, there are many features and improvements that I've yet to see Vista get credit for. Anyhow, I've been collecting theories of what happened:

  • Security trumped compatibility in this release. (Most of the things that Windows could do without breaking stuff were done in XPSP2)
  • We didn't focus on compatibility like we did in Windows 95
  • We shipped new Networking, Audio and Video stacks in Vista, and that will cause application compatibility issues and it's going to take a while for drivers to catch back up to the level of optimization we had before.
  • Too many little features, not enough big ones.
    • Broken planning, dependency tracking, etc.
    • Ship everything at once mentality, instead of incremental improvements
  • There wasn't enough architectural oversight of the product
  • Too many shifting and impossible to follow through "Basics" (Don't worry if you don't get this one)
  • Vista wasn't selfhost-able until way too late in the product cycle
  • Since the product shipped late, expectations were set to negative by default
  • XP brought the reliability people were screaming for, XPSP2 brought the security people were screaming for. Vista just meet a fundamental need the way XP did.
  • The big stuff people were promised didn't show up (WinFS and ???)
  • This is really the same thing XP went through
  • ABM (Anything But Microsoft) people are listened to more and are more effective with FUD than in the past.
  • They are just more critical these days

I must admit, I didn't get the last one when I was told it, but I've been warming up to it. Enough people are computer savvy now that they no longer blame themselves when things break, they blame the hardware and software people. Well actually, most people just plain blame Microsoft, but give it a couple another decade and people will get better at blaming individual hardware/software manufacturers. While none of the list is self-sufficient as a reason, the recent criticism around Apple's Leopard release is giving more and more credit to the theory.

# Thursday, November 01, 2007
Thursday, November 01, 2007 2:00:23 PM (Pacific Standard Time, UTC-08:00) ( Fun | Microsoft )

While Live Maps hasn't copied the eye-popping drag and reroute feature of Google Maps, there are a number of really cool improvements in the latest release. The Live Search blog has a list of ten improvements that haven't got the press of other features like the "model your own 3d building on a map" one. My personal favorites from this list are the End/Start details, where you filter down driving instructions to allow you to ignore the stuff you don't need to see (like how to get out of your neighborhood), the new black color on the traffic map for dead in the water congestion, and some of the extra business information they now have.

# Tuesday, September 04, 2007
Tuesday, September 04, 2007 8:19:43 PM (Pacific Standard Time, UTC-08:00) ( Microsoft | Software - Religious | Vista )

So I've started to see some press getting way down on Vista about things I haven't experienced and decided to go and see if I could figure out what was going on. First off, let me summarize my house's trip to Vista.

  • Machines
    • 3 older machines
    • 1 brand new nice 64 bit box
  • Issues
    • Memory
      • Most of my machines needed a memory upgrade to be happy on Vista. Where I could afford it machines went to 2Gb.
    • RAW photo support for my camera on 64 bit windows
      • Canon was in no rush to release it and I still don't have RAW support on 64bit (which is where I do photo stuff)
    • Media Center on 64 bit
      • It was either the 64bitness or trying to also use the machine as a desktop while it was a media center, but this led to a lot of crashes of media center.
    • Loud machines
      • Since Vista supports sleep better than previous versions, I started using it for my desktops. I then started to notice the noise difference between on and off.

 

And while I'm at it, the BS issues that people complain about, but I don't get the issue.

  • DRM
    • Everyone gripes about it and it's the default reason people give for anything that is broken, but it probably has nothing to do with anything since I'm not aware of anyone using its new features yet. It's a passive, when the application asks for it, feature, not an active (let's look for violations) system.
  • UAC
    • When you get an okay/cancel UAC prompt, you are running as an administrator, and if you weren't you would have been asked for an administrator account and password. Even when you run as administrator with UAC, you are not administrator. The prompt authorizes a process to run as true administrator. There is a reasonable amount of security value here. The main question is "Should this require administrator rights to run?" whenever you see a prompt. Frankly I don't get prompted often, and when I do, I find it's appropriate. The notable exception is when I want to see details of what driver is loaded for my network card or video card. The UI for viewing and setting the settings weren't separated and so you get a prompt even when you don't want to change anything.
    • If you think UAC is annoying, the question is, what did it prompt you for that it shouldn't have?
    • It's very amusing when people comment about UAC and recommend another OS that does the same thing, except that it requires you to type in a password.

Okay, so now that I have that out of the way... I'll next write on where and what I've learned

# Sunday, August 26, 2007
Sunday, August 26, 2007 8:22:25 AM (Pacific Standard Time, UTC-08:00) ( Microsoft | Software - Technical | Tech )

Stéphane Rodriguez has an article about issues one hits when trying to implement or use OpenXML. They don't have the idiotic and artificial type of arguments that lists like groklaw has created, but some of his examples feel a bit extended to make a good story.

Let's see what the summary of his issues is, with my bottom line comments. Also note I'm no expert at this stuff, I'm a geek, not a word processing file format geek, and I certainly don't speak for Microsoft on these issues.

  1. Self-exploding spreadsheets
    • Removing formulas from a spreadsheet is non-trivial because there are other files with references to the formula to update, such as the calculation chain
    • You can't rebuild the calculation chain without going through the whole document.
    • While the calculation chain can be excluded, it is non-optimal to do so because someone who does need to understand the whole spreadsheet will have to recalculate it.
    • Some ZIP libraries don't deal efficiently with the sort of operations needed to manipulate these ZIP-based document structures
    • Bottom Line 1: Invalidating the Calculation Chain should be automatic, so that simple manipulation tools work better
    • Bottom Line 2: Classic engineering tradeoff, you can precalc stuff if you want, but then you have to be able to precalculate it and keep some sort of invalidating state.
  2. Entered versus stored values
    • The intuition that what you type in Excel is what is stored is incorrect. Excel does magic to make it more user friendly, like automatically adjusting to local convention (like , instead of . in number formatting) and auto converting to a type instead of treating everything as a string or forcing the user to be explicit
    • The stored number values are affected by IEEE rounding rules
    • Stored values are not locale dependent (This is a bad thing?)
    • Bottom Line: It's not clear to me how this affects the usability or usefulness of the format. Maybe a different example where values that aren't in this format (generated by a third party tool) fail in Excel?
  3. Optimization artefacts become a feature instead of an embarrassment
    • Worksheet shared formulas are listed as "copy from Cell X" instead of having a neutral non cell reference that everything uses
    • This leads to a lot more work to change a formula in one place if others reference it.
    • Bottom Line: Sounds like a valid complaint to me
  4. VML isn't XML
    • VML is supposed to be deprecated but gets used in some places like comments
    • 10 year old memo from Gates that has little to no bearing on the world or Microsoft today
    • Bottom Line: I'm not familiar enough with the spec to know if this is an issue or not, but it sounds like comments in Excel are hard to work with and that's bad.
  5. Open packaging parts minefield
    • You can't delete a part and know who relies on it without parsing through everything in the file
    • Bottom Line: sounds sucky
  6. International, but US English first and foremost
    • The functional things in the format for Excel are in English (like the SUM() function)
    • VML and DrawingML have a number of encoding notes to help with localization which aren't documented well
    • Applications on top of OpenXML have to localize everything themselves
    • Bottom Line: Maybe I'm missing it, but this seems like a feature, my spreadsheet manipulator doesn't have to be aware of all the possible language encoding of the word "SUM"

I'm going to cut off this post here for now (wife wants my attention :) ) and maybe continue it another day

Major themes from the list so far:

  • The Excel format seems to be not well designed for targeted modification of existing files. You have to load and understand the whole thing and then write it all back out again. (unless you are using the custom schema stuff, but that is out of scope)
  • VML interacts with parts of OpenXML in not well described ways

-- Ari

# Friday, July 06, 2007
Friday, July 06, 2007 2:03:38 PM (Pacific Standard Time, UTC-08:00) ( Microsoft | Software - Technical )

I was reading Raymond's post on Escalation of Privilege bugs that don't actually escalate your privilege and then quickly read the earlier episode of the series. There I saw a lot of commenters rebelling against the concept of the post by drawing new security boundaries which the hypothetical exploit would cross. This crystallized a concept for me: there are certain security boundaries in Windows that are harder than others, and there is much confusion in this area. Since I haven't seen this information in one place anywhere, I'll try to consolidate my understanding of it here.

Security Boundaries control the flow of information and execution between two distinct environments. We consider a boundary breached when arbitrary data or execution is no longer prevented from occurring. Most of the time we consider one of the environments a superset of the other, for example, going from executing as a single user to controlling the entire Operating System. However, any attack that gives you more privileges than you currently have can be considered an escalation of privilege.

  • Primary Security Boundaries
    1. The Remote Boundary (is there a better name?)
      • This boundary separates things executing off your computer and on your computer. When an attacker can remotely make your computer do arbitrary things in a security context, that would be crossing the remote/machine boundary.
    2. The User Principal Boundary
      • This refers to the security boundary created by executing code under a security principal and the ACLs that detail which user has access to which resources. This is what keeps one user from snooping on another user's files. If untrusted code manages to run in your user account, it's not really your user account any more. This can also refer to non user accounts such as services.
    3. The Administrator/Kernel vs. Not Boundary
      • This is the boundary between a normal user and running as administrator or executing code in the kernel. Once untrusted code is running in either administrator or in the kernel, it is not your box anymore.
    4. Privileges
      • These carve out boundaries like ACLs.
    5. The Operating System Boundary
      • This boundary refers to the ability to read files and execute when it is allowed to execute outside the context of the operating system normally in control of the resources. If the OS isn't running it can't protect secrets. Technologies like BitLocker and the one-way encryption of passwords are attempts to deal with breaches of this boundary. Virtualization is making this area more interesting. This is also the point of Immutable Law #3.
    6. Managed Code (CLR/Java) sandboxing
  • Mitigation Boundaries (These are bypass-able, have uses and may be put together to make something stronger but alone do not form a primary security boundary, see Mark's blog)
    1. Power User/Administrator/Kernel/System
      • You can switch between these without much difficulty.
    2. Vista Admin account UAC
      • The split token helps but doesn't make a full boundary
    3. Session boundaries
      • Different user sessions have different named object namespaces ACL'd to them, however one user could reach over and mess with the session of another instance of the same user.
    4. Restricted Tokens
    5. IL Levels
    6. Software Restriction Policies
    7. UAC elevated processes in a user session
    8. Kernel Driver Signing
    9. NATs/Most Firewalls
    10. Kiosk style, certain applications only hacks/setting changes
    11. System File Protection
    12. Windows Data Protection - DPAPI
    13. Code Signing

Much of the confusion occurs from "breaching" a Mitigation Boundary instead of one of the Primary Security Boundaries. Aside from some nice new Mitigation Boundaries, the main thing that Vista does is move most users from the Administrator/Kernel side to the rest side of primary boundary #3, and that is a big deal.

# Monday, June 11, 2007
Monday, June 11, 2007 8:07:58 AM (Pacific Standard Time, UTC-08:00) ( Microsoft | Software - Religious | Vista )

According to a number of articles like this one, Google is the source of an antitrust complaint against Windows Vista because of a change of the default implementation of Desktop file search. In Windows XP, when you searched for files it would do an actual, go scan your hard drive search, and at the end of the search you got an option to turn on indexing to make your search faster. This would search and make notes about your hard drive in advance so that the requested search became much faster. I'm guessing that it was off by default in XP because it wasn't really optimized for a desktop, both in performance and in the type of data it indexed about the files, and it wasn't something people did a whole lot so it wasn't worth the weight on the system. Enter Vista and the world has changed: indexing is the standard approach to search on the desktop, as demonstrated by the improved indexers shipped in MacOSX, Google desktop and the MSN one. So the good old XP indexer gets a lot of attention, a nice upgrade, some very nice usability improvements and, oh yeah, the indexer is now on by default instead of just for power users. Well, that last step is one step too far according to Google.

According to the article they are worried about interactions between their indexer and the Vista one, while a lot of people, on digg at least, are calling BS. It is especially weird to me since a number of applications that I'm running these days are busy indexing the hard drive. The photo gallery software and all three music applications are going at it. They manage to coexist in Vista, so what's wrong with Google's indexer? This sounds like a technical limitation in their product they wish to use to harm Vista's indexer.

They have plenty of business reasons for such a desire: they used XP's deficiencies in this area as a big reason to get people to use the Google toolbar (which includes their desktop indexer). This is important to them because it has all sorts of tie backs to Google services where they make money. It was a good gig; the MSN team developed and did the same thing. The Vista indexer doesn't have any such ties, but now people have lost a huge reason to install the Google toolbar (and the MSN toolbar for that matter). So they have a business problem, and from their complaint a minor technical problem. Business model problems don't make good complaints to the DOJ, but maybe they could make hay with their technical issue. Unfortunately most techies would predictably call BS if they heard the complaint (I guess that's why it was a confidential complaint), which leads back to the premise: it appears that Google has unabashedly decided to be evil.

On the other hand, indexers are programs that are not just running all the time, but constantly trying to do work. Smart applications attempt to do more and more stuff when the user wouldn't notice, such as checking for and downloading updates or pre-creating image thumbnails so they don't have to be generated at run time. On a logical level there is some theoretical maximum to how much time a computer has for such background tasks. Google seems to be implying that there is not enough room for anyone but them. Even in this worst case, this is something that a year's worth of Moore's law will fix faster than any legal remedy. Oh, and I should point out it has been years since the first of this generation of indexers were downloaded and used on computers.

It's going to be interesting to see the arguments on the other side of this one.

Disclosure: I work in Windows networking, I don't have anything to do with the indexer technologies except complain about how slow the early versions of it in pre-reset Longhorn were.

# Tuesday, May 29, 2007
Tuesday, May 29, 2007 7:17:02 AM (Pacific Standard Time, UTC-08:00) ( Ideas | Microsoft | Tech )

I saw a Slashdot article this morning about Apple releasing more vuln fixes. In the comment section, discussion broke into the usual "why do people think Macs are safer than Windows" arguments. The two major points of "it has less of a market" and "it's just more secure" went back and forth. I happen to think both are an oversimplification of the subject.

Vuln finding is a function of people going after whatever is currently easiest. Many attackers have broadened their horizons to other platforms once Windows became significantly more secure and hardened against attack. Oracle was the next major target and Apple might be the one after. I admit that I love the irony of the switch after both companies chose to market on how they must be more secure since people weren't finding vulns in them.

Exploits, on the other hand, are based on the business case these days. The vulns are available, but Windows didn't have the magnitude of the problem it did until there was a profit motive to create bot networks.

So to put it together, vulns found help you tell about the security of an area, exploiting tells you about how profitable a particular OS is to attack. The corollary of this rule is that as a random host you are as profitable as the OS; as a specific host with specific data or rights you are as valuable to attack as that data or those rights. The result being that if your data is valuable it doesn't matter that there are few exploits for your box when there are plenty of vulns.

# Sunday, May 20, 2007
Sunday, May 20, 2007 7:03:08 AM (Pacific Standard Time, UTC-08:00) ( Microsoft | Software - Technical | Vista )

Which day did I move Vista Media Center from my very powerful 64 bit main box to a mostly dedicated 32 bit box?

# Friday, May 18, 2007
Friday, May 18, 2007 9:57:07 AM (Pacific Standard Time, UTC-08:00) ( Intresting | Microsoft )

Go watch the screencast about Microsoft Popfly. It's a mashup builder using Silverlight. It looks awesome and the screencast includes using World of Warcraft data to build a Mashup Site.

# Sunday, February 11, 2007
Sunday, February 11, 2007 8:16:18 PM (Pacific Standard Time, UTC-08:00) ( Microsoft | Software - Religious | Tech )

An attempt to respond to the latest thing I've read and stake out my feelings on ODF/OOXML.

From what I understand of the market, you have a number of (free) add-on ODF plugins for Microsoft Office. This means that the simple requirement being able to read and write the format will be satisfied to the level of quality of the plugins and the ability of the interoperable aspects of the ODF standard to handle office semantics. I feel that the blogoshpere has made it clear that the only way ODF will be able to handle the body of existing office documents (Bugs and features) at full fidelity is for there to be a large number of extensions that would render ODF something not ODF anymore, especially from the standpoint of other ODF implementations. It might be in the vaguely "right" looking container, but it would not be interoperable. Any movement in this space would (rightly?) be branded Embrace, Extend, Extinguish.

I believe it is clear that users want something like OpenXML. We've seen that previous movements in this direction by Office in the 2003 products are never used because of the loss of fidelity. I'm just not going to migrate my spreadsheets to ODF format if my formulas are going to break, and that is the type of user complaint that you will start to get when you tell your customers they must move over. If you don't get how complex this type of thing gets, you should start reading Raymond Chen's blog. It is quite obvious how hostile the ODF crowd appears to be to backwards compatibility, given the amount of hoopla generated around supporting the 1900 Excel/Lotus 123 date issues in OOXML.

Could all the technical issues have been worked out in ODF? Maybe. I think the hostile environment, the time required to work on modifications to ODF in an open way, and the timeline for the politics and government mandates pretty much precluded that option for the short term. On the bright side, ODF folks can take the out-there and free OOXML spec and decide how they want to absorb it for future versions of ODF. Thus someday the promised nirvana of ODF being the native interoperable format of all office suites that its supporters want might be realized. In the here and now, there is a pretty cool creative energy that both formats competing right now has created. In an attempt to score points in some insane "Who is Right" contest, both sides are pointing out the flaws in the other, and the pragmatists will pick up the real stuff and just make their stuff better. This is a good thing no matter how ugly the process is to get there.

In the background of this debate, it appears that there are two camps in the world when it comes to this stuff: purists who believe that future technology should be clean slates not marred with the real world, and those who muck around in the complex world of user demand and prior work. I have to admit that out of college I was very much in favor of the purist view of the world. This little debate is making me realize that I've now firmly landed in the other camp. The purist typically ends in the worst hacks and/or low adoption. There are a lot of people out there who use software and just don't care about the religious battles. It doesn't matter what your standard is or how you architected the code if it doesn't solve the user's needs. Put simply, users are more important than you or I, and placing requirements down that are tangential to their needs is just a speedbump for them to roll over. The coders who love and support these users are going to have to help carry forward whatever hack someone came up with to get around the artificial speedbump. The sooner one groks this concept, the better the world might be.

If ODF solves a user's needs, they will use it; if OOXML solves it better, it will be used regardless of which of them has ISO certification. There is already ECMA certification and good IP promises for OOXML. (The inability to use, without IP considerations, a file embedded in either format is a red herring.) It appears that Microsoft is supportive of having OOXML ISO certified, which sounds great to me. If there are considerations unrelated to ODF then they should be fixed, but the notion of which sausage factory produced the 1.0 spec, or that you can't have both formats be standards, seems silly to me. Both are too new on the scene to have proven that they are going to be the end-all. If anything, Office, via market share and caring about backwards compatibility, has a huge leg up.

Disclaimer: I work for Microsoft but have nothing to do with Office.

# Monday, January 29, 2007
Monday, January 29, 2007 2:18:27 PM (Pacific Standard Time, UTC-08:00) ( Journal | Microsoft )
  • Bill Gates takes stage
    • Reminds us of the GUI bet 12 years ago in Windows 95
    • Everything is focused on how to represent in a Digital format
    • What's the new innovations?
      • Making it easier: search, flip3d, etc
      • Safer: anti-spyware, anti-phishing, etc
      • Entertainment: DX10, Photo Gallery, DVD Maker, HiDef support
      • Better Connect: Diagnosing, RSS platform support, XML file formats
    • Platform Renovation
    • Installing
      • Upgrade Advisor
      • new system
  • Mike, corporate vice president demo
    • thanks families and beta testers
    • Family focused demo
    • Photos
      • Tagging in Photo gallery via drag and drop
      • Search via the tagging
      • One beta tester with 40K photos in the library
      • Basic adjustments
    • DVD Burning
      • Videos and pictures into a nice preview
    • Document editing
      • Live Previews of the entire format of the document changing
      • Add a photo and drag it to the size you want in the document, no guessing percents
      • Ribbon UI
      • Extra effects on photos in the document, shadows and the like
    • Games
      • Game Explorer
      • DX10
      • Using the Xbox360 controller
      • Cross-platform playing, EX: uno
    • Parental Controls
      • Time-Limits
      • Game ratings
      • IM sessions, Games played, Web sites went to/attempted to go to
    • Xbox360 media center extender
      • Cable Card support -> HiDef TV Recording
      • Media Center interface
      • Music explorer
      • picture explorer
    • Extras
      • DreamScene - Motion Video on the Desktop
  • WoW campaign Commercial
    • nice music... look up later
  • Steve Ballmer
    • Biggest Launch in software history and the broadest
    • Today/Tomorrow fun across the globe
    • 19 Languages today, 99 by EOY
    • 39,000 retail outlets
    • thousands of OEMs
    • 1 million people in Europe by EOY
    • 2 million in US
    • 2,500 certified software products
    • NY Times reader application
    • 5 Mil beta testers
    • Partners Video
    • Dell CEO Kevin ??
    • Intel Sean Melony(sp?)
    • Toshiba CEO and president of computer division ??
    • AMD Chairman and CEO Hector Ruiz
    • HP ??
    • editorial comment: How much money is on that stage right now?
  •  Bill Gates
    • Thanks to the employees
    • Jim Allchin thank you from Bill
    • 5 Million People Downloaded Vista and Office 2007
    • Highest quality ever
    • Test Automation
    • Performance Testing
    • Watched 1 billion office beta sessions
    • What Families said about the product
      • 50 families in 7 countries
      • > contact
      • 800 changes
      • Lots of DVD burning feedback out of this program
      • "Microsoft listened to me"
    • One of the Families on the stage
    • Burn to Disc button in photo gallery was one of their feedbacks
    • Got the first copy in the US.
    • Kids push the button, and Screens in Times Square Start going
  • Video of Launch events across the world.
  • Live Band starts playing
  • Cafeteria balloons drop
  • Event is over at Microsoft

# Friday, January 19, 2007
Friday, January 19, 2007 8:43:33 AM (Pacific Standard Time, UTC-08:00) ( Microsoft | Tech )

There's a pretty reasonable podcast about Vista DRM in Security Now #75. Key points:

  • Worst case is that you can't play content that demands a super secure path.
  • No known media is requesting the super secure path. It is very questionable if anyone will ever want to take the PR hit of actually using it.
  • Constriction or "fuzziness" is for the high quality content; not everything on your screen and only if the content requires it.
  • The main devices you are probably playing HD-DVDs on are laptops, which have onboard graphics and are exempt from a number of things that people are concerned about.

Update: Just to be fair, there are a number of legit concerns that the Gutmann paper talks about, but even in that paper there are examples where people have let their imagination run away with them. The legit concerns include: side effects on how open hardware is when hardware needs to authenticate to the driver (they should do a public key thing here IMHO); hardware/CPU costs in dealing with encrypting content across an open PCI bus; potential cost for splitting out drivers to mitigate potential protected content trust revocation; the potential for hardware manufacturers to destabilize a PC when creating an implementation of tilt bits; and IP/licensing costs for the content protection hardware. To me these are pretty minor or require assuming the worst for a true bad effect.

# Wednesday, January 03, 2007
Wednesday, January 03, 2007 12:18:24 PM (Pacific Standard Time, UTC-08:00) ( Microsoft | Software - Religious | Tech | Vista )

It's easier than ever to get a continuous stream of Windows Vista FUD. In the past you had Slashdot, but had to ignore the pesky rated 5 comments which often would point out the obvious stuff. Now, however, we have the BadVista blog, which is the FSF's new foray into the world of pure unadulterated BS. Some of which the press runs away with because there aren't enough people actually using the software to call BS loud enough. Let's look at some of today's news stream:

  1. Microsoft Vista is not an option
    This link is about the "Licensing and Activation" hurt hobbyists meme. We have a writer who switches out the hardware inside his case once a week and is using XP. To my spider senses, something doesn't add up here. XP already has activation. Even if they tightened up the requirements (which in practice remains to be seen), he should already be tripping over activation left and right. In some ways activation has gotten less onerous, especially in cases where you buy a computer from an OEM like Dell or HP. Personally, I have built all the machines in my house, and swap around components regularly (although I guess I'm too busy and poor to swap things weekly on a single machine). I've been bit by re-activation and had to call the activation help for my home machines twice since 2001. I told them that I was moving around components and things worked within 5 minutes both times; this is hardly social engineering. I don't expect Vista to be any different, and I've already moved some hardware around. If the author hasn't been through this already with XP, the worst I would expect is that he will make the 5 minute phone call once every couple of years. If the fear of that potential phone call, and not even a real experience, is bad enough to make him switch to another OS, then I'm not sure Vista is the real issue.
  2. DRM behind lack of Windows Vista drivers.. and fear new content protection.
    This is based on the Gutmann FUD, which spells out a worst-case scenario for the implementation of DRM in Vista based on random bits of documentation and conjecture. The basic problem here is that the worst-case scenario he envisions isn't how anything was implemented, and casual checks confirm it. There are still class drivers for video. Non-protected content (which is most of what I have) plays unmolested, even while I play DRM'd music and video. There is an example in the paper of an expensive optical system computer in a hospital going fuzzy because the user is playing music. The first question a reader should ask is, even if the hospital bought into that sort of DRM and the system was designed that way (which from casual observation it isn't), why would the hospital not buy a computer system to view the imagery that supported a DRM path in the hardware? It's like buying a CAT scan system and not buying a compatible display to see the results.
    In reality there are more drivers and compatibility for Vista pre-launch than there were for XP (probably because of continuation of the move to class drivers and early frequent public releases). Inherent to the whole argument is a bet that you will have pervasive protected content you want. This is the same bet that iTunes Music Store makes. If you want to watch such content, then you won't want to run an OS where you can't watch such content, and only systems with these protections will be allowed to decrypt it. Back in the early days of DVDs, Linux had zero players until the protection scheme for DVDs was broken. These days the new formats won't be cracked that easily, as they have learned a couple of lessons since then. (They can remove support from all future media for a player's decryption key once it's known to be cracked, and the general purpose cracking is probably much harder.)
    There is some real stuff to the story: supporting DRM through hardware is not free, and if you want that feature you will pay for it (similar to how we all pay for DVD support), but none of this is Vista specific. The main thing with Vista that you might complain about is that it supports it at all, or that Microsoft hasn't done enough to fight DRM. Of course, if you buy PowerDVD for Blu-ray or HD-DVD you are getting pretty much the same thing from a different vendor. This type of stuff really annoys open source purists because licensing and securing implementation runs counter to the basic philosophy, but it's not a showstopper, as companies that actually build commercial products using pieces of open source don't have such issues.
    I'll also note that I'm not in love with DRM, but that's a topic I'll save for a different post.
  3. Vista: Why Bother?
    This starts with the insufficient hardware meme. If you asked me right after beta 2 shipped, I would be wholeheartedly agreeing. What I have discovered is that a) they fixed much of that between beta and release and b) more RAM fixes the rest. Ironically the RAM part was exactly what I was sitting around realizing when XP shipped. The end rule is: if you bought it new in the last two years, get it up to say 1 Gb RAM and it'll be fine.
    The actual piece plays a bunch of games with the facts. First it talks about video editing, which is demanding in general and nothing specific to Vista. Even looking at the Macs that advertise high end video editing, you are looking at some seriously powerful machines. Processor, RAM speed and file system speed are the things I've noticed are the big deal, not OS. Next there is the 94% figure, which pulls a double whammy. First, it is a survey of corporate machines, which tend to do simpler, less CPU/RAM intensive things compared to consumer PCs. The more realistic numbers are the CPU replacement numbers (replacing the CPU, especially in older machines, usually means a new PC); here we see 84% of corporate PCs will be ready from a CPU standpoint (I suspect many of the 84% will need more RAM, but the numbers aren't in the article). The other little trick done with that number is using the premium level of readiness instead of the minimum. For corporate PCs, the differences between the premium and the min are features that won't be missed doing day to day work, like the flashier GUI.
    Next in the piece is software compatibility. This is a harder area, although three of his examples are now bogus. The Zune software for Vista is already released on zune.org, and I'm running the Vista Powershell (it comes as an OS update, so it's mostly an issue of packaging, not compatibility, as people running the old msi versions of Powershell can attest). The new Virtual PC has hit RC status. OpenGL is supported in the major graphics vendors' drivers. I've found that most of the real issues with compatibility are from deeply integrated software using unpublished interfaces, whose makers aren't in a rush to put the Vista versions out, and UAC related issues. For many of these companies the clock didn't start until we RTM'd Vista. The latter is a price we will pay for the security it brings, but will be lessened as compatibility updates come out. On the anecdotal side, I mainly feel pain with x64 versus x86 rather than Vista versus XP.
    Also in the piece is the Start Menu issue. My start menu has two options for "shutdown" and a somewhat hidden advanced menu. The two options on my box are: low power mode and lock session. Ironically, I don't even use either of them on my home machine. I just push the power button on my case to go to low power mode. At work I only use the Lock one (assuming I don't just press Windows-L). So it appears they chose the right two.
    For bonus points the author then compares upgrading a point release of openSUSE to upgrading Vista from XP. A fair comparison would be to a service pack update, although I would guess that even that would be more than the dot release.
    Which finally concludes in the classic, why update? If you need a single compelling reason to go to Vista, it would be security and maybe the flashier GUI; after that it just feels better, the sum of a thousand little things. This is not great for marketing, but pure addicting goodness as a user and home admin. This should become quite apparent after the OS is actually out there, but you can see it in people like the TWIT crowd, who have talked about their experiences since they first installed it and now really like it (oh, and they are heavy Mac users). My suggestion is to find some way to use it for a week or two and decide for yourself.

Disclosure: I am a Microsoft employee who works on Windows, but these views are my personal ones and are not my employer's.

# Friday, December 01, 2006
Friday, December 01, 2006 10:10:43 AM (Pacific Standard Time, UTC-08:00) ( Intresting | Microsoft )

Check out this Windows Mobile or Java client for looking at maps, traffic, driving directions and local search.

Friday, December 01, 2006 10:05:24 AM (Pacific Standard Time, UTC-08:00) ( Microsoft | Software - Technical )

Joel writes:

Of all the things broken at Microsoft, the way they use source control on the Windows team is not one of them.

...

When you're working with source control on a huge team, the best way to organize things is to create branches and sub-branches that correspond to your individual feature teams, down to a high level of granularity. If your tools support it, you can even have private branches for every developer. So they can check in as often as they want, only merging up when they feel that their code is stable. Your QA department owns the "junction points" above each merge. That is, as soon as a developer merges their private branch with their team branch, QA gets to look at it and they only merge it up if it meets their quality bar.

 

So where does the branching model have issues in Windows?

First, we haven't gone to a branch (or branches) per developer, so there are semi-redundant tools for managing checked-in code and tools for managing potential changes not checked in. This causes friction in building and testing such changes. Also, a branch implies a path for a change to get to some main place or product, and managing the path can be annoying. You get emails of, "The old path is getting shut down, migrate your code to the new path". At times there is no place to do your work and check it in. Another set of problems comes via the quality gates on RIs. Constraints around how many branches can be built a night and the velocity of change to the overall code base result in a need to meet the quality gates quickly and in an automated way. You see, if you take too long to RI, your test results may not be valid anymore because the OS has changed enough from other teams.

A lot of this system came as a result of the famed Longhorn Reset, and there were growing pains in such a huge change, so it'll be interesting to see what system we come up with for the next release.

# Friday, September 29, 2006
Friday, September 29, 2006 10:10:15 AM (Pacific Standard Time, UTC-08:00) ( Intresting | Microsoft | Tech )

The New York Times has developed a pretty cool Windows client using the Avalon Windows Presentation Framework in .Net Framework 3.0. The app downloads the articles so that you can browse the newspaper offline, re-flows the content to intelligently display articles based on the size of the window, has great search features, keeps read state, lets you annotate the articles and save them off, etc. It's a pretty powerful demonstration of what new Windows applications can be like. Right now it uses the free NyTimes registration. Check it out!

# Tuesday, May 30, 2006