Print 85 comment(s) - last by PrezWeezy.. on Mar 3 at 1:03 AM

Microsoft reassures its testers that it is carefully considering their feedback

Ever since Microsoft released the beta of its upcoming Windows 7 to the general public, hundreds of thousands of users have downloaded the OS.  Many took the time to carefully sweep the system, scanning for defects or bugs.  As a result, Microsoft has been receiving a steady stream of information from beta testers.  Many testers of late, though, have become disgruntled as Microsoft has offered little in the way of official communication about the problems its testers were reporting.

However, Microsoft's Steven Sinofsky, senior vice president for the Windows and Windows Live Engineering Group, has broken the silence at last, saying that Microsoft has indeed been listening and has fixes planned for over 2,000 bugs found by testers.

Mr. Sinofsky writes that at its peak, Microsoft was receiving one Send Feedback report every 15 seconds for an entire week.  It has received 500,000 feedback reports already -- approximately 500 per developer, part of why it has been too busy to say much.  Microsoft also thanks its Connect members (the MSDN/Technet enrolled beta customers) for sending in numerous technical reports.  Both the public and the Connect feedback has helped more bugs be found and fixed than in any previous Windows release, Mr. Sinofsky states.

Mr. Sinofsky shed light on Microsoft's definition of a bug as well, stating:

Let's talk a bit about "bugs". Up front it is worth making sure we're on the same page when we use the much overloaded term bug. For us a bug is any time the software does something that someone one wasn't expecting it to do. A bug can be a cosmetic issue, a consistency issue, a crash, a hang, a failure to succeed, a confusing user experience, a compatibility issue, a missing feature, or any one of dozens of different ways that the software can behave in a way that isn't expected. A bug for us is not an emotional term, but just shorthand for an entry in our database representing feedback on the product. Bugs can be reported by a human or by the various forms of telemetry built into Windows 7. This broad definition allows us to track and catalog everything experienced in the product and do so in a uniform manner.

Hardware support is also doing quite well for the new operating system.  Microsoft has recorded 10 million device installations, and the use of around 2.8M unique plug-and-play device identifiers.  Of the hardware used, over 75 percent of it worked with the system's prepackaged drivers, writes Mr. Sinofsky.  He says that virtually all of the remaining hardware was easily support via driver downloads from Windows Update or by direct links to the manufacturer's web site.

Even some critics who were incensed at Microsoft's lack of communications have been warmed up by Mr. Sinofsky.  Chris Holmes of the blog GeekSmack recently had written, "I know I drifted off into a bit of a rant ... and hopefully this feedback is taken seriously by the Windows team (hey, there's a chance, it's not like we're dealing with the Windows Live team, those people don't know the meaning of the word feedback)."

However, after a personal email from Mr. Sinofsky, his feelings softened.  He states, "I honestly was not expecting a reply as I understand that Steven is undoubtedly a very busy man. But when I checked my in-box a few hours later, not only did he respond, but he did a very good job explaining his position and why the interim builds were not a good option for this release cycle."

While Mr. Sinofsky's metrics and comments surely won't placate all the disgruntled testers out there, it certainly seems a positive direction from Microsoft. 

Microsoft has recently become less stubborn and has become more receptive to feedback, after having long gone its own way.  For example, when a major security flaw was found in the UAC, a critical Windows 7 and Windows Vista component, Microsoft initially refused to change it.  However, it then quickly turned around, swallowing its pride and admitting to its mistake.  The UAC fix is among the many flaws and bugs the team will have fixed for the release of Windows later this year.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: UAC is stupid because Microsoft is stupid.
By kstatefan40 on 2/27/2009 4:15:44 AM , Rating: 2
The "UAC" you speak of in Linux is the NSA-developed "Security-Enhanced Linux" or SElinux. And it actually works much better because it asks for a password and not "Click okay to run as Administrator". Makes the typical lazy American like myself think twice about elevating my privileges to Root because I'll have to enter a damn password every time instead of just clicking "Okay, whatever the hell this is..."

Food for thought.

By The0ne on 2/27/2009 11:10:22 AM , Rating: 2
You're spot on with the password laziness. Hella funnie response as well! You've made my morning :)

By stmok on 2/27/2009 2:34:52 PM , Rating: 2
Eh, no. SELinux is NOT the same as UAC.

SELinux is a mandatory access control solution that allows one to set security profiles.

These profiles can be used:
=> to restrict what an application can/cannot do. (very useful to contain an application should it be compromised);
=> lock out users (including the almighty Root user);
And even...
=> restrict the network resources to a particular application. (Control the flow of information).

Effectively, you can completely confine an application to only what its supposed to do and nothing more. The only disadvantage is the learning curve and the tediousness of creating a profile for an application. (Its quite high, and takes time to get really familiar with what you're doing).

The closest thing Windows has, that is somewhat equivalent to SELinux, is Mandatory Integrity Control (MIC) and User Interface Privilege Isolation (UIPI). This was introduced in Vista and Windows Server 2008. (Obviously, it will be there in Windows 7)...Where do you think IE's "Protected Mode" came from?

Unlike SELinux, users of Windows don't have direct access (at least its not obvious) to tweak MIC and UIPI to their needs. Users rely on third-party software developers and MS to do that job for them. MIC/UIPI is also vulnerable to certain shatter attacks. This allows one to break out of IE's Protected Mode. (This was proven by security researchers last year.)

UAC in Windows Vista, Windows 7, and Server 2008 is a privilege escalation solution to bump a user from standard user privileges to admin user privileges when needed.

The Linux equivalent to UAC is:
=> gksudo (Gnome desktop)
=> kdesu (KDE desktop)
=> su (Command line, gives Root privileges to user)
=> sudo (Command line, gives Root privileges for applications/commands only)

For example: In Ubuntu (which uses Gnome desktop environment by default), only gksudo and sudo are used. There is no root/admin account at all.

If you're a Windows XP user, you can have similar ability as well! Set up a Limited User Account, download and install SuRUN in Admin Account. Before you do that though, make sure you run regedit and go to a very important entry: HKEY_LOCAL_MACHINE => System => CurrentControlSet => Control => LSA => nodefaultadminuser . Change the value from 1 to 0 (Zero).

0 = Administrators Group
1 = Object Creator
(You want to be installing things with Administrators Group ownership! Otherwise, you'll be insecure!)

Anyway, the biggest difference between Windows and Linux is really the goals of the implementation...

Microsoft has to compromise some security for usability of the masses. ie: If its too hard, people will be turned off, and its less sales for MS. (They can't afford to do that). if its too easy, the bad guys will have a field day...This "see-saw" scenario is exactly what was seen with the initial implementation of UAC in Windows 7 Beta.

On the other side of the fence: most Linux developers don't really give two hoots about the mainstream masses as they only focus on the core bits of Linux. The responsibility to bring things to a wider audience is on the distro developers (Like Red Hat, Canonical, Novell, Mandriva, etc). Its the distro developer's job to compile all the various bits and pieces together into something usable.

"This is from the It's a science website." -- Rush Limbaugh

Most Popular ArticlesAre you ready for this ? HyperDrive Aircraft
September 24, 2016, 9:29 AM
Leaked – Samsung S8 is a Dream and a Dream 2
September 25, 2016, 8:00 AM
Yahoo Hacked - Change Your Passwords and Security Info ASAP!
September 23, 2016, 5:45 AM
A is for Apples
September 23, 2016, 5:32 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki