From the drivel file: Unfixable Windows 7 security flaw

There’s an article floating around the blogosphere that says two security researchers have discovered an “unfixable” security hole in Windows 7. A friend of mine just pointed me to it, with the usual Red Robbin/Sky is Falling spin.

Two minor problems. First, the “unfixable” security hole, or one just like it, exists in every PC operating system.

Second, in order to take advantage of the flaw, you have to be sitting in front of the PC.

Drivel. I’m sorry, but I can’t imagine why stuff like this gets airplay.

You all know the 10 Immutable Laws of Security, right? Microsoft posted it on TechNet about ten years ago:

Law #1: If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore

Law #2: If a bad guy can alter the operating system on your computer, it’s not your computer anymore

Law #3: If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore

Law #4: If you allow a bad guy to upload programs to your website, it’s not your website any more

Law #5: Weak passwords trump strong security

Law #6: A computer is only as secure as the administrator is trustworthy

Law #7: Encrypted data is only as secure as the decryption key

Law #8: An out of date virus scanner is only marginally better than no virus scanner at all

Law #9: Absolute anonymity isn’t practical, in real life or on the Web

Law #10: Technology is not a panacea

MSFT sales down 6%, profits down 32%, year-on-year

David Goldman, at CNN Money, puts it this way:

The company has had a difficult time combating slumping demand for its Windows operating system, as the economic slowdown has dragged PC sales down 7% to 9%, according to Microsoft’s estimates. The recession has also prompted many consumers to opt for cheaper, scaled-down “netbooks” that perform only basic tasks like e-mail and accessing the Internet. They typically run open-source operating systems like Linux, rather than Windows.

Sorry, but that isn’t true. Most netbooks run Windows XP. Preston Gralla (hi, Pres!), writing on  his ComputerWorld blog says, “A study by the analyst firm NPD Group has found that more than 90% of netbooks sold in November, December, and January shipped with Windows on them. Just as important is that only in December did netbook sales truly take off.”

Preston’s observation certainly matches what I’ve seen – although I’ve been very impressed by Linux on my Asus Eee 1000H.

“The trouble for Microsoft is that its cash cow is shifting,” said Carl Howe, analyst with Yankee Group. “PC sales are troubled, and they’re getting hurt by the move to cheaper notebooks.”

It’s gonna be interesting to see how Windows 7 turns all this around. Er, if Windows 7 turns all of this around. Maybe I’ve swallowed the Kool-Aid, but based on three months of continuous thumping on Windows 7, I’m convinced that it’s the best operating system to come out of Microsoft. Period.

Windows 7 = Kernel version 7.0? No way.

I just read another bit of drivel about Windows 7, referring to an MSDN article on drivers that mentions “Msft.NT.7.0″ and asking:

Has this changed? Is “Msft.NT.7.0″ just a way of expressing Windows 7 and not kernel version 7, if not, why not just say NT.6.1 in the INF? Or is the documentation incorrect? It remains to be seen.

Let’s see if we can get this straight. Windows 7 is so close to Release Candidate status, so close to shipping, that we won’t see any changes at all from the current builds, except ones directly affecting stability and preventing data loss. Changing a comma in a dialog box at this point is a Real Big Deal.

The only reason why I mention this (again) is that Brandon, a Microsoft employee, shot back on the blog:

We named it Windows 7 from the beginning, it wasn’t even marketing that originally chose that brand, it was our internal “code name.” The builds were versioned at 7.0. It broke compatibility for too many apps/drivers, so we changed the versioning APIs to report 6.1 to reflect the level of compatibility that should be expected by pre-existing software.

I thought we’d been over this. Windows 7 is Windows 7.0. There are far more important things than driver architecture that change (and hell, there are driver architecture changes in Win7).

So no, there is no “Windows 6.1 kernel” and never was. There’s just the Windows 7 kernel. This is how it’s always been, this article is just silly.

Bravo. It’s refreshing that MS finally allows its employees to stand up in public and shout “BS” when the “news” being spread is just garbage.

Brandon deserves a raise…

More Windows 7 builds – 7106 vs 7077

The Hacks Daily web site (which has a remarkably good record tracking Windows 7 builds) reports that Windows 7 Build 7106 should be leaked any time now. The Chinese version is expected first – which probably (but not definitively) means the source of the leak is in China.

That’s interesting, to me, because of the number.

The last widely available build was 7077 – just a few days ago.

So what’s with the big increase in build numbers? I’d be willing to betcha just about anything that the 7077 version will turn into Release Candidate 1. It may take a couple more builds, but I believe RC1 lies down that path.

I’d also be willing to betcha that the 71xx builds are for the final, RTM (Release to Manufacturing) version. In other words, Microsoft has already “forked” the RTM version away from the RC1 version.

Based on the build numbers, we’re very close to seeing RC1.

BTW, build 7077 runs great on all of my machines. Even that little ASUS Eee PC 1000H that I’ve been so excited about. Hard to believe Windows 7 Ultimate runs reasonably well on the little beast.

Windows XP downgrade rights inanity

Fairly frequently, I skip over “news” items that seem to take the computing world by fire. For example, you haven’t seen me post anything about Windows 7 Build 7105. Why? I don’t have Build 7105 yet, and I have no intention of adding to the vacuous link-to-somebody-who-links-to-somebody chain that amplifies and speculates, but does nothing to elucidate.

Another example: the raging ersatz-news that Microsoft is going to let Windows 7 owners “downgrade” to Windows XP. If you read the fine print, the Microsoft announcement only covered volume-license versions of Windows 7, so it only applies to companies that buy big licenses for Windows 7. Ed Bott has a great take on the news: big companies have always had “downgrade” rights, for every volume-license version of Windows since the time of the pterodactyls.

If you buy a new computer after, oh, mid-August, I can guarantee that the last thing you’ll want to do is downgrade it from Windows 7 to Windows XP. I’ve been running Windows 7 Ultimate (beta build) on an Asus Eee PC 1000H for more than a month, and it works great. I wouldn’t trade it in for a Windows XP version for all the tea in China.

Microsoft’s program allows for big companies to continue to run older versions of Windows on older computers and keep their licenses valid. Microsoft may even allow hardware vendors to ship computers with Windows XP pre-installed, at least for a little while. That’s going to be a foolhardy choice. Wait. You’ll see.

Microsoft plans major Windows 7 announcement – urp

Okay, so I’m seeing notices all over the Internet that Microsoft is going to make a “major” Windows 7 announcement shortly. InfoWorld said:

Microsoft will make “major new announcements” relating to its forthcoming Windows 7 operating system when it launches the Release Candidate of the OS, according to a British technology news site.

Well, of course Microsoft will make major new announcements when the RC ships. It’s another non-news event that doesn’t even rise above the background level – one of the reasons why I haven’t posted anything about it.

That was until I read Paul Thurrot’s take on the topic:

I do know what at least one of these big surprises is. And no, I’m not talking. But let’s just say I’ve been hinting at it for a while now.

Gad.

My guess is that Microsoft will announce some sort of Windows XP emulator that runs under Windows 7 Enterprise Edition. (No, they won’t call it an emulator, they’ll call it “Enterprise Desktop Virtualisation” but – with apologies to the developers who hate the term – it’s basically a fancy emulator.) That’ll make a lot of companies happy. But it’s not something I would call major.

Major would be an announcement about Morro. You may recall that Morro is the promised FREE Microsoft antivirus/antimalware program that’s supposed to ship in “the second half of 2009.” Ryan Naraine has a good write-up on his ZDNet blog.

I’d stand up and cheer for Morro – if only because it’d reduce the cries of pain from Norton and McAfee users.

Windows 7 builds flying fast and furious

We’ve got new builds of Windows 7 all over the place.

Build 7068 is on the newsgroups, and you can retrieve a pirate copy if you feel so inclined. Paul Thurrott just posted screen shots of build 7068’s Home Basic. The most remarkable part of build 7068: it lets you install most of the different versions of Windows 7, so if you’re curious about what’s in, say, Home Premium that isn’t in Home Basic, build 7068 should ring your chimes.

Not to be outdone, Ars Technica has shots of Build 7070. There’s an interesting story behind the shots. They came from a site known as Facepunch. Facepunch has a thread about Windows 7 that’s 180+ pages long, peppered with completely off-the-topic inanities and more than a little commentary of the “WTF” nature. Apparently somebody posted the shots of build 7070 with this explanation:

I just came back from Microsoft, since my Dad works there. He works for in the SQL server division and here are some screenshots I took about the new build 7070. I don’t know if there is anything new to this build, but they installed it yesterday, so it probably will be leaked soon. They said it was a major update; maybe not to the user interface but more to the Kernel. Just letting you guys know

I have no way of verifying the veracity of the statement, but it’s certainly provocative.

Emil Protalinski at Ars Technica goes on to say:

I’ve heard that the last three (7070, 7071, and 7072) are being considered to be labelled as the RC-escrow build. That build will be sent to testers sometime in April, and we already know that the RC download page may come in May. That’s what I’ve heard, though what Microsoft will end up doing in the end, I can’t guarantee.

I’ll stick to my original guess: widespread availability of Release Candidate 1 in April. Official posting in May. RTM in July or August, with shrinkwrapped product on store shelves by September 1.

Windows 7 Experience Index hard drive numbers changed

Comparing the Windows Experience Index performance details for Windows 7 Build 7000 (the official “beta” version) and Build 7057 (the latest leaked build), there’s no question that Microsoft is changing both the performance tests and the way they’re interpreted.

The WEI – Microsoft’s performance index – is put together by a program called WinSAT, the Windows System Assessment Tool. If you’re curious about the details, I talk about WinSAT in Windows Vista Timesaving Techniques For Dummies, Technique 1. (The Windows Experience Index originated with Vista; you can run the tests on Windows XP machines, but they don’t mean much.)

WinSAT stores the results of its tests in XML files in c:\Windows\Performance\WinSAT\DataStore. If you look in that folder you can see the results of all of the WinSAT tests that have been run on your PC since day one.

I compared the WinSAT reports run under Build 7000 with the WinSAT reports under Build 7057, and found that not only did the performance scores change, the tests themselves changed.

To re-state that in plain English: Microsoft has changed the way it’s measuring hard drive performance in Windows 7, no doubt in response to voluminous complaints from customers that the hard disk performance number in the Windows 7 beta didn’t match customers’, uh, experience. (I, too, railed about it in my Windows Secrets Newsletter article.) The powers-that-be may have also been influenced by the fact that turning off disk write caching – thus presumably slowing down the hard drive – drives up the Windows 7 beta hard disk performance number. An embarrassing bit of techie tinkering.

My Windows 7 beta (32-bit) machine lists these hard drive scores:

<AvgThroughput kind=”Sequential Read” units=”MB/s” ioSize=”65536″ score=”5.8″>62.56167</AvgThroughput>
<AvgThroughput kind=”Random Read” units=”MB/s” ioSize=”16384″ score=”3.5″>1.45000</AvgThroughput>
<MeanLatency Kind=”Read With Sequential Background Writes” units=”us” score=”4.3″>9070</MeanLatency>
<MaxLatency Kind=”Read With Background Writes” units=”us” percentile=”95″ score=”1.9″>68724</MaxLatency>
<MaxLatency Kind=”Read With Background Writes” units=”us” percentile=”100″ score=”7.1″>257208</MaxLatency>
<MeanLatency Kind=”Read With Random Background Writes” units=”us” score=”2.6″>15010</MeanLatency>

The same computer, same hard drive, same everything, running under Windows 7 Build 7057 logs these performance numbers:

<AvgThroughput kind=”Sequential Read” units=”MB/s” ioSize=”65536″ score=”5.7″>62.35333</AvgThroughput>
<AvgThroughput kind=”Random Read” units=”MB/s” ioSize=”16384″ score=”3.3″>1.17000</AvgThroughput>
<Responsiveness Kind=”AverageIORate” units=”ms/IO” score=”5.6″ factor=”0.0″>4.64000</Responsiveness>
<Responsiveness Kind=”GroupedIOs” units=”units” score=”6.7″ factor=”0.0″>12.23557</Responsiveness>
<Responsiveness Kind=”LongIOs” units=”units” score=”6.9″ factor=”0.0″>15.52148</Responsiveness>
<Responsiveness Kind=”Overall” units=”units” score=”6.4″ factor=”0.0″>189.91417</Responsiveness>
<Responsiveness Kind=”Cap”>FALSE</Responsiveness>

See how the numbers change, as do the tests?

The bottom line is that my hard drive, which scored a 3.0 in the Windows 7 beta, now scores a 5.7. It didn’t get twice as fast. Microsoft changed the way it measures and reports performance.

Don’t get me wrong. The Windows 7 Beta disk performance test is a fine test. Mathematically it’s backed to the hilt with surveys, cross-checks, experiments, and lots of real-world correlation with the test results. The problem is that the test didn’t measure what I do with my hard drive. I spend a lot of time on sequential reads – streaming media, sucking in photos, leafing through songs. I spend very little time with random writes: I don’t modify picture files in great quantities, or perform massive database updates.

There’s good reason for stress-testing and reporting the results of stress tests as part of the WEI. For example, I red-line my CPU from time to time, and it’s worthwhile knowing whether one CPU can handle the load better than another. I stress out my video card all the time. The fact that there are two different WEI numbers for video cards doesn’t bother me a bit – I can understand where Microsoft is coming from, and adjust my expectations accordingly. I don’t expect the memory test to tell me much except whether it’d help to add more memory. And the WEI score reflects that expectation well enough.

But the hard drive WEI test in the Windows 7 beta just didn’t reflect my reality. And I bet it doesn’t reflect yours, either.

If I have one hard disk with a WEI of 3.0 and another with a WEI score of 5.7, I expect the second one to perform significantly faster than the first, doing the kinds of things I usually do. I should be able to stream movies with fewer drop-outs. Run backups faster. See thumbnails of my photos and album covers faster. Open picture files faster. Start programs faster. The Windows 7 beta WEI disk score didn’t measure any of that. So, for me, it was worthless. Worse than worthless, actually, because a low, meaningless WEI disk score can pull down the rating of my whole PC. That’s the problem I talked about in my Windows Secrets Newsletter article.

It appears as if Microsoft is listening, and making significant last-minute changes in Windows 7 based on reasonable comments and complaints from customers. I, for one, find that refreshing. And different.