Windows 7 Performance Guide
by Ryan Smith and Gary Key on October 26, 2009 12:00 AM EST- Posted in
- Systems
The Rough Edges
The first thing that bothers us is a technical matter, and that is the addition of various levels of UAC , and the security ramifications of that. We’ve talked about this before in our look at the release candidate, but it bears repeating.
With the changes made to Windows 7, at the default UAC level of 2, signed Microsoft executables are auto-elevated to admin privileges when run by an admin. This primarily manifests itself in the Control Panel, where most of the panels are allowed to auto-elevate so that users may make changes without facing a UAC prompt.
There’s certainly a benefit to this in terms of user interaction, since the Control Panel and installing software are the two most common admin-level tasks a user will do. The latter is a repeating occurrence, but the former is something that usually only happens once when the computer is set up. So by making this change, the new-user experience involves less UAC.
The UAC Control Panel With Level Slider
It’s the security ramifications of this that concern us. Someone already managed to exploit this in the pre-RC phase (where the UAC control panel itself was auto-elevating) to disable UAC entirely. The concern we have is that all of these auto-elevating programs are an obvious target for a local privilege escalation attack to accomplish something similar, if not the same. Imagine finding a way to make the Display control panel execute a 3rd party application with admin privileges, for example.
Now to be clear, it’s not as if this is the only way to achieve local privilege escalation attacks. The Windows kernel itself is a target, and I can’t think of any major desktop OSes that haven’t seen such an attack in the past. But this makes that easier, potentially much easier. And that’s a risky proposition when a UAC prompt may be all that’s left between malware executing and running amok or not.
Certainly someone is going to bite my head off for this, but I don’t think Microsoft should have made such a fundamental change to UAC. More casual users may not have been fond of how Vista or UAC Level 3 handle security, but it was a more secure choice than Level 2. To that end, I certainly wouldn’t recommend running Win7 at the default UAC level for any computer connected to the internet.
On a lighter note, even after using the release version of Win7 for 2 months now, I’m still wondering who thought it was a good idea to make the title bar of maximized windows semi-transparent. Certainly for windowed windows it makes some sense, as you can see what’s underneath. But for maximized windows? If I was concerned for what was under the window, why would I have it maximized?
Finally there’s Windows Mail, or rather the lack of it. Obviously email clients have come under diminished importance in the last few years as web-based email (e.g. Gmail) continues to rise in popularity, but this doesn’t mean that an email client is not necessary. And I get that Microsoft wants to separate the email client from the operating system so that they can push out major client updates outside of major OS releases.
Windows Mail: Have you seen me?
But what I don’t get is why there’s any reason good enough for Windows to not come with an email client at all. It’s 2009, why is there an operating system being released without an email client? I only hope that OEMs are adding email clients to their prebuilt computers, otherwise there may be some very confused Windows 7 users as people start snapping up new machines.
Facebook
Twitter
RSS
207 Comments
View All Comments
Matt Campbell - Monday, October 26, 2009 - link
Many people are having problems with the unpacker itself - and you still have to create the iso from the setup files.http://www.theregister.co.uk/2009/10/26/microsoft_...">http://www.theregister.co.uk/2009/10/26...osoft_wi...
JimmyJimmington - Monday, October 26, 2009 - link
No, it doesn't violate anything.Pjotr - Monday, October 26, 2009 - link
[quote]a 25% advantage over XP and 34% over Vista,[/quote]New reviewers, same old math error!
Windows 7 is 51% faster than Vista and 34% faster than XP, according to your graph. Windows 7 performs the job in 34% less time than Vista and 25% less time than XP, according to your graph.
ProDigit - Tuesday, October 27, 2009 - link
I'm sure those numbers are relative to which program you use; from battery point of view Win7 uses more battery to complete the task too.ViRGE - Monday, October 26, 2009 - link
No, they have it right. It's a lower is better test. Win7 completes the task in 75% and 66% of the time as XP and Vista respectively. That's 25% and 34%; 100% faster would mean the task is done instantaneously, and 51% faster would mean it's done in less than half the time.ddriver - Monday, October 26, 2009 - link
Hi there, I have a question/proposition for including those DPC latency issues Windows 7 is suffering from...I recently installed it and noticed the unsocially high values in the DPC latency meter. It manifested as awful audio drops and clicks in my DAW applications.
It seems there is some issue with power management drivers in Vista and 7, and while 7 seems a little better compared to Vista, the latency is still very problematic. The very same configuration in Windows XP is running at very low DPC latency, about 20 us (micro), while in 7 the machine idles at about 300 us, and even the most basic processor load results in spikes up to 3000-4000 us, which for an Average Joe that's watching movies or browsing the net will not be an issue, but for real time processing of audio or video, or capturing, it is critical, and the system is basically useless with Windows 7
So I guess this article is a nice place to investigate this problem, that seems to affect PCs with UPS or just a regular laptop, maybe given enough publicity the issue will be resolved.
ProDigit - Tuesday, October 27, 2009 - link
ASIO drivers take care for the audio part for you!I have little to no experience using live capture of video, but perhaps you will prefer a Linux or MacOs for that purpose (if video Latencies are that important).
chizow - Monday, October 26, 2009 - link
Its nice reading an honest account of the oft-marginal differences between Vista SP2 and Win7. I think far too much is made with regard to Win7's improvements, and while I do like Win7 for what it is, I agree its far less of a change from Vista than Vista was from XP.Basically it comes down to there's no really compelling reason to upgrade from Vista to Win7, but at the same time, there's no reason not to other than cost. Win7 is as most of your graphs show, about 5% better than Vista across the board with some UI tweaks, its a new and shiny toy with a new box and packaging.
As for a question you had about built-in e-mail programs:
Its just more of the same annoying anti-trust concerns that prevent Microsoft from bundling useful software that would benefit the end-consumer for the sake of fair competition. Its the same reason they can't bundle any variety of other useful and often free programs out there like codec packs, anti-virus, compression software, blu-ray playback, imaging software, photo viewers etc.
MS can't bundle them with the OS to give the other providers that offer them for free a chance to compete, and in the end it just ends up being a less pleasant experience for the end-user. This is probably the biggest difference imo compared to a Mac, with Mac this basic functionality you expect just works without having to search high and low for a working solution you expect to work for free out of the box.
davidhbrown - Monday, October 26, 2009 - link
It's interesting that no review I've yet read has mentioned that, if you turn off the GUI boot in msconfig to see the text status, Windows 7 identifies itself as version 6.1 compared to Vista's 6.0.I think that says a lot about the differences between Windows 7 and Vista. I'm very happy for the improvements, and I'm really starting to like the "peek" functions (way more functional than Expose). But it does feel more like an update than a whole new OS.
InternetGeek - Wednesday, October 28, 2009 - link
This was explained in a lot of usergroups and similar events in which MVPs and similar took the time to describe the numbering behing Windows 7.It turns out many software vendors write and compile their applications with conditions set to limit the versions of Windows on which their software run. In this case many developers who wrote software for Vista added a mask such that any revision of Vista (6.x) would run fine.
If Microsoft went forward in their usual way and changed the version of the kernel to 7.0 a lot of software would just brake or refuse to run even though the Operating System supported all their operations normally. To prevent this from happening Windows 7 uses a version number of 6.1. No one wants another Vista, we want Microsoft to look good from now on.
At the same time many Microsoft Evagelists, MVPs and similar have gone out of their way promoting the idea of not using this kind of technique and use feature discovery so programs can keep running as new versions of the operating system are introduced in the market.
Practices such as using newer APIs are being encouraged among software vendors and hopefully they will take the hint and make things easy for users. It is understandable they want to sell new copies with new OSs but they should do this on top of new functionality, not just some re-compilation and re-package.
On this sense, Microsoft often goes out of its way to accomodate some develoeprs requirements such as including software-specific and sometimes software-version-specific logic to accomodate functionality. This bloats the OS and starting from Windows 7 this will no longer be the case.
Check the engineering Windows 7 blog for more information on this, however, your local usergroup should be able to provide more details about this.
Hopefully, this post wont be lost in the hoopla.