Print 85 comment(s) - last by PrezWeezy.. on Mar 3 at 1:03 AM

Microsoft reassures its testers that it is carefully considering their feedback

Ever since Microsoft released the beta of its upcoming Windows 7 to the general public, hundreds of thousands of users have downloaded the OS.  Many took the time to carefully sweep the system, scanning for defects or bugs.  As a result, Microsoft has been receiving a steady stream of information from beta testers.  Many testers of late, though, have become disgruntled as Microsoft has offered little in the way of official communication about the problems its testers were reporting.

However, Microsoft's Steven Sinofsky, senior vice president for the Windows and Windows Live Engineering Group, has broken the silence at last, saying that Microsoft has indeed been listening and has fixes planned for over 2,000 bugs found by testers.

Mr. Sinofsky writes that at its peak, Microsoft was receiving one Send Feedback report every 15 seconds for an entire week.  It has received 500,000 feedback reports already -- approximately 500 per developer, part of why it has been too busy to say much.  Microsoft also thanks its Connect members (the MSDN/Technet enrolled beta customers) for sending in numerous technical reports.  Both the public and the Connect feedback has helped more bugs be found and fixed than in any previous Windows release, Mr. Sinofsky states.

Mr. Sinofsky shed light on Microsoft's definition of a bug as well, stating:

Let's talk a bit about "bugs". Up front it is worth making sure we're on the same page when we use the much overloaded term bug. For us a bug is any time the software does something that someone one wasn't expecting it to do. A bug can be a cosmetic issue, a consistency issue, a crash, a hang, a failure to succeed, a confusing user experience, a compatibility issue, a missing feature, or any one of dozens of different ways that the software can behave in a way that isn't expected. A bug for us is not an emotional term, but just shorthand for an entry in our database representing feedback on the product. Bugs can be reported by a human or by the various forms of telemetry built into Windows 7. This broad definition allows us to track and catalog everything experienced in the product and do so in a uniform manner.

Hardware support is also doing quite well for the new operating system.  Microsoft has recorded 10 million device installations, and the use of around 2.8M unique plug-and-play device identifiers.  Of the hardware used, over 75 percent of it worked with the system's prepackaged drivers, writes Mr. Sinofsky.  He says that virtually all of the remaining hardware was easily support via driver downloads from Windows Update or by direct links to the manufacturer's web site.

Even some critics who were incensed at Microsoft's lack of communications have been warmed up by Mr. Sinofsky.  Chris Holmes of the blog GeekSmack recently had written, "I know I drifted off into a bit of a rant ... and hopefully this feedback is taken seriously by the Windows team (hey, there's a chance, it's not like we're dealing with the Windows Live team, those people don't know the meaning of the word feedback)."

However, after a personal email from Mr. Sinofsky, his feelings softened.  He states, "I honestly was not expecting a reply as I understand that Steven is undoubtedly a very busy man. But when I checked my in-box a few hours later, not only did he respond, but he did a very good job explaining his position and why the interim builds were not a good option for this release cycle."

While Mr. Sinofsky's metrics and comments surely won't placate all the disgruntled testers out there, it certainly seems a positive direction from Microsoft. 

Microsoft has recently become less stubborn and has become more receptive to feedback, after having long gone its own way.  For example, when a major security flaw was found in the UAC, a critical Windows 7 and Windows Vista component, Microsoft initially refused to change it.  However, it then quickly turned around, swallowing its pride and admitting to its mistake.  The UAC fix is among the many flaws and bugs the team will have fixed for the release of Windows later this year.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

UAC is stupid because Microsoft is stupid.
By reader1 on 2/26/2009 10:31:06 AM , Rating: -1
Closing the PC (ie controlling content) eliminates the need for UAC. Closing Windows would be as simple as letting Microsoft (or another company) control UAC remotely. That would revolutionize computers.

RE: UAC is stupid because Microsoft is stupid.
By bobsmith1492 on 2/26/2009 10:47:55 AM , Rating: 5
Um... no.

RE: UAC is stupid because Microsoft is stupid.
By reader1 on 2/26/09, Rating: -1
RE: UAC is stupid because Microsoft is stupid.
By GoodBytes on 2/26/2009 11:22:29 AM , Rating: 3
Wtf are you talking about. You don't even know what UAC is.
Linux even has it.

PLEASE, stop saying what you were told by other, and read up on it. This is a 'life' saving feature. I already put a friends USB stick on my computer which has a virus or malware which executes as autorun. I knew this because when I plug-it in, windows goes "auotrun.exe wants Admin rights?", I was like "No" and THEN my anti-virus goes alert me of a virus on the USB stick which is autorun.exe. You can image other scenarios like you want to select a file that you know is dangerous and your double click by accident.

Also, it fixes the problem that if you are under a limited account you can easily install applications with the admin password. Under Win2000/XP its doable, but what it does actually is not give permission, it actually loads the Administrator account and installs it inside. This causes many complications for many applications (hens one of the reason why everyone stay as Admin under XP).

The interesting thing with Vista is that UAC can be disabled by a simple check box. Check the OS help doc for more information. Under Win7 ou can fine tune it or disable it.

I hope this help understanding this feature better, and that you stop listen to other ignorants or close minded buffoons. And start taking a real opinion like a real smart person, based on your best of knowledge. Such attitude will be very beneficial in life.

By DarkElfa on 2/26/2009 12:28:03 PM , Rating: 2
I've been using the beta on both our main home PC's and other than the occasional bug or glitch, its more stable than Vista and faster. I only wish they could simply sell an upgrade to the beta so I don't have to do a major reinstall in August.

RE: UAC is stupid because Microsoft is stupid.
By kstatefan40 on 2/27/2009 4:15:44 AM , Rating: 2
The "UAC" you speak of in Linux is the NSA-developed "Security-Enhanced Linux" or SElinux. And it actually works much better because it asks for a password and not "Click okay to run as Administrator". Makes the typical lazy American like myself think twice about elevating my privileges to Root because I'll have to enter a damn password every time instead of just clicking "Okay, whatever the hell this is..."

Food for thought.

By The0ne on 2/27/2009 11:10:22 AM , Rating: 2
You're spot on with the password laziness. Hella funnie response as well! You've made my morning :)

By stmok on 2/27/2009 2:34:52 PM , Rating: 2
Eh, no. SELinux is NOT the same as UAC.

SELinux is a mandatory access control solution that allows one to set security profiles.

These profiles can be used:
=> to restrict what an application can/cannot do. (very useful to contain an application should it be compromised);
=> lock out users (including the almighty Root user);
And even...
=> restrict the network resources to a particular application. (Control the flow of information).

Effectively, you can completely confine an application to only what its supposed to do and nothing more. The only disadvantage is the learning curve and the tediousness of creating a profile for an application. (Its quite high, and takes time to get really familiar with what you're doing).

The closest thing Windows has, that is somewhat equivalent to SELinux, is Mandatory Integrity Control (MIC) and User Interface Privilege Isolation (UIPI). This was introduced in Vista and Windows Server 2008. (Obviously, it will be there in Windows 7)...Where do you think IE's "Protected Mode" came from?

Unlike SELinux, users of Windows don't have direct access (at least its not obvious) to tweak MIC and UIPI to their needs. Users rely on third-party software developers and MS to do that job for them. MIC/UIPI is also vulnerable to certain shatter attacks. This allows one to break out of IE's Protected Mode. (This was proven by security researchers last year.)

UAC in Windows Vista, Windows 7, and Server 2008 is a privilege escalation solution to bump a user from standard user privileges to admin user privileges when needed.

The Linux equivalent to UAC is:
=> gksudo (Gnome desktop)
=> kdesu (KDE desktop)
=> su (Command line, gives Root privileges to user)
=> sudo (Command line, gives Root privileges for applications/commands only)

For example: In Ubuntu (which uses Gnome desktop environment by default), only gksudo and sudo are used. There is no root/admin account at all.

If you're a Windows XP user, you can have similar ability as well! Set up a Limited User Account, download and install SuRUN in Admin Account. Before you do that though, make sure you run regedit and go to a very important entry: HKEY_LOCAL_MACHINE => System => CurrentControlSet => Control => LSA => nodefaultadminuser . Change the value from 1 to 0 (Zero).

0 = Administrators Group
1 = Object Creator
(You want to be installing things with Administrators Group ownership! Otherwise, you'll be insecure!)

Anyway, the biggest difference between Windows and Linux is really the goals of the implementation...

Microsoft has to compromise some security for usability of the masses. ie: If its too hard, people will be turned off, and its less sales for MS. (They can't afford to do that). if its too easy, the bad guys will have a field day...This "see-saw" scenario is exactly what was seen with the initial implementation of UAC in Windows 7 Beta.

On the other side of the fence: most Linux developers don't really give two hoots about the mainstream masses as they only focus on the core bits of Linux. The responsibility to bring things to a wider audience is on the distro developers (Like Red Hat, Canonical, Novell, Mandriva, etc). Its the distro developer's job to compile all the various bits and pieces together into something usable.

RE: UAC is stupid because Microsoft is stupid.
By The0ne on 2/27/2009 11:14:55 AM , Rating: 2
In addition to UAC, there are other less intrusive programs to use to prevent viruses and spam from starting.

1. Spybot
2. Adware
3. Threatfire (XP only)
4. Virus scanner, I use the free Avast
5. UAC, which I disable for Vista but use in Win7 :)
6. Zone Alarm or similar program

I always have the top 4 installed. I got nephews and nieces that uses PCs around here, got to be careful :D

RE: UAC is stupid because Microsoft is stupid.
By stmok on 2/27/2009 2:52:29 PM , Rating: 2
You don't need all that...

In Win2k or XP
1. Set up a Limited User Account.
2. (a) Set Software Restriction Policy to Deny Default (XP Pro only)
2. (b) Install Trust-No-Exe (Win2k and XP Home Only)
3. Set the nodefaultadminowner registry setting to Administrator's Group (as discussed above in my long post).
4. Install SuRUN.
5. Install a third-party firewall with Host-based Intrusion Protection System (HIPS)
(a) PC Tools Firewall Pro 5.x
(b) Online Armor Free Edition
(c) Comodo Security (install the firewall and Defense+ components, NOT AV part).

If I used Vista or Windows 7, it would be similar...
1. Set up a Standard User Account.
2. (a) Set Software Restriction Policy to Deny Default (Ultimate/Business/Enterprise only)
2. (b) Set AppLocker to Deny Default (Windows 7)
3. Set the nodefaultadminowner registry setting to Administrator's Group (Not sure if this still applies in Vista/Windows 7).
4. Leave UAC on. Set to max notification.
5. Install a third-party firewall with Host-based Intrusion Protection System (HIPS)
(a) PC Tools Firewall Pro 5.x
(b) Online Armor Free Edition
(c) Comodo Security (install the firewall and Defense+ components, NOT AV part).

No anti-malware apps needed.
No signatures to download.
No performance gobbling security apps running in the background.

...Just need your brain to be trained for more security conscious practices!

Prevention NOT cures. That's what I learned from the Linux/Unix world.

RE: UAC is stupid because Microsoft is stupid.
By TomZ on 2/27/2009 7:12:56 PM , Rating: 2
You don't need ANY of that. Just don't let idiots use your machine and you won't have any problems at all!

By Chocobollz on 2/28/2009 8:09:55 AM , Rating: 2
LOL.. and what if that idiot is you yourself? xD

RE: UAC is stupid because Microsoft is stupid.
By walk2k on 2/26/2009 12:26:35 PM , Rating: 2
UAC is stupid but not for the reason you suggest (actually I didn't really see a reason there but...)

It's stupid because it annoys the users so badly that they will either turn it off (like I did after 2 days and like most sane people will) or it will just train them to ignore the warnings and click OKOKOKOK as fast as they can.

By rdeegvainl on 2/26/2009 4:34:56 PM , Rating: 2
like i stated above, users have been trained to just click ok ok ok as fast as they can for over a decade. Way before UAC came along. That is also why users don't realize the benefits of UAC. Cause they just want to run whatever, whenever, no matter the risk, then complain about MS when they explicitly told their computer to install malware.

By omnicronx on 2/26/2009 2:10:26 PM , Rating: 2
We know.. you have only posted the exact same comment every single time a DT article has anything to do with Microsoft. Give it a break, nobody cares about your FUD!

By rudolphna on 2/26/2009 10:56:18 PM , Rating: 1

"DailyTech is the best kept secret on the Internet." -- Larry Barber

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki