Thoughts for the geeks
Feb. 27th, 2007 03:38 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
lprovenI've had my first brief play with Vista recently. Not on my own kit - I don't have anything that's up to it - but in a few stores and so on.
It's kinda pretty but I didn't feel as much of the "wow" as the reviews had led me to expect. The transparency of Aero seemed like a waste of time to me, as it does on OS X. The window-flipper is marginally more use than I expected but not as nifty as Exposé - but then, as a keyboard-driven sort, I don't use even that much. The rearranged control panel is a pain, as expected.
Overall, I'm underwhelmed.
But it's led me to wonder just what I would have liked to have seen.
Overall, I think, 2 things.
I'd have liked smaller, faster, more modular, real innovation in the GUI not a bit of chrome, stuff like that, but MS are very poor at that.
But the thing that I hoped for was fixing the lamentable security.
It's a month on and holes are appearing. No surprise there, then.
But UAC really is a pain in the butt. You just press "continue". That's amazingly dumb. I know ordinary users ARE dumb, but this will just train them to click "continue", not make them think. And the "details" button tells you sod-all. The dialog box is apparently colour-coded to give you a hint. (I must admit, I didn't notice.) That's a bad plan, because that can be spoofed, and already has.
The default account is restricted. But from my reading, my impression is that it's rights-reduced: there are prompts on stuff that's perceived to be dangerous and IE runs in even lower privileges - except when it's not, like when it manipulates your favourites or the cache.
This seems to me to be ass-backwards. It ough to be like OS X or Ubuntu, when your account isn't an admin and can't do admin stuff, prompt or no prompt. But you have "sudo", so that on provision of credentials, that process temporarily becomes the admin and can do admin-ey stuff.
In other words, MS has taken the "blacklist" model - OK unless suspect, in which case, you're asked first. Whereas OS X and Ubuntu take the whitelist model - everything's suspect, and you're asked to approve everything.
It seems a cop-out to me. They should have gone for real restricted accounts; NT has always had "run as" to do admin stuff.
Secondly, IE. The GUI still appears to be HTML-driven - it's the old Active Desktop with a facelife. Using the same code to render remote (untrusted) content and local (semi-trusted) content is just plain wrong.
I reckon IE7 should have reinstated Netscape plugin support - it was only dropped in IE5.5, remember - and removed ActiveX altogether. The Vista Explorer was a chance for a clean slate, binning the old IE4 HTML-rendered model, and going back to the original Win95/NT4 Explorer and fixing it.
No commonality of code between GUI and browser, and no running of remote binaries.
Between those 2, I reckon they'd have closed a lot of Vista's holes.
What do you think, folks?
It's kinda pretty but I didn't feel as much of the "wow" as the reviews had led me to expect. The transparency of Aero seemed like a waste of time to me, as it does on OS X. The window-flipper is marginally more use than I expected but not as nifty as Exposé - but then, as a keyboard-driven sort, I don't use even that much. The rearranged control panel is a pain, as expected.
Overall, I'm underwhelmed.
But it's led me to wonder just what I would have liked to have seen.
Overall, I think, 2 things.
I'd have liked smaller, faster, more modular, real innovation in the GUI not a bit of chrome, stuff like that, but MS are very poor at that.
But the thing that I hoped for was fixing the lamentable security.
It's a month on and holes are appearing. No surprise there, then.
But UAC really is a pain in the butt. You just press "continue". That's amazingly dumb. I know ordinary users ARE dumb, but this will just train them to click "continue", not make them think. And the "details" button tells you sod-all. The dialog box is apparently colour-coded to give you a hint. (I must admit, I didn't notice.) That's a bad plan, because that can be spoofed, and already has.
The default account is restricted. But from my reading, my impression is that it's rights-reduced: there are prompts on stuff that's perceived to be dangerous and IE runs in even lower privileges - except when it's not, like when it manipulates your favourites or the cache.
This seems to me to be ass-backwards. It ough to be like OS X or Ubuntu, when your account isn't an admin and can't do admin stuff, prompt or no prompt. But you have "sudo", so that on provision of credentials, that process temporarily becomes the admin and can do admin-ey stuff.
In other words, MS has taken the "blacklist" model - OK unless suspect, in which case, you're asked first. Whereas OS X and Ubuntu take the whitelist model - everything's suspect, and you're asked to approve everything.
It seems a cop-out to me. They should have gone for real restricted accounts; NT has always had "run as" to do admin stuff.
Secondly, IE. The GUI still appears to be HTML-driven - it's the old Active Desktop with a facelife. Using the same code to render remote (untrusted) content and local (semi-trusted) content is just plain wrong.
I reckon IE7 should have reinstated Netscape plugin support - it was only dropped in IE5.5, remember - and removed ActiveX altogether. The Vista Explorer was a chance for a clean slate, binning the old IE4 HTML-rendered model, and going back to the original Win95/NT4 Explorer and fixing it.
No commonality of code between GUI and browser, and no running of remote binaries.
Between those 2, I reckon they'd have closed a lot of Vista's holes.
What do you think, folks?
