ABOUT BENCH FORUMS PODCAST LOGIN REGISTER
PC Components
Smartphones & tablets
Systems
ENTERPRISE & IT
GUIDES

Windows 7 Performance Guide

 by Ryan Smith and Gary Key on October 26, 2009 12:00 AM EST
207 Comments | Add A Comment
207 Comments

The Rough Edges

The first thing that bothers us is a technical matter, and that is the addition of various levels of UAC , and the security ramifications of that. We’ve talked about this before in our look at the release candidate, but it bears repeating.

With the changes made to Windows 7, at the default UAC level of 2, signed Microsoft executables are auto-elevated to admin privileges when run by an admin. This primarily manifests itself in the Control Panel, where most of the panels are allowed to auto-elevate so that users may make changes without facing a UAC prompt.

There’s certainly a benefit to this in terms of user interaction, since the Control Panel and installing software are the two most common admin-level tasks a user will do. The latter is a repeating occurrence, but the former is something that usually only happens once when the computer is set up. So by making this change, the new-user experience involves less UAC.


The UAC Control Panel With Level Slider

It’s the security ramifications of this that concern us. Someone already managed to exploit this in the pre-RC phase (where the UAC control panel itself was auto-elevating) to disable UAC entirely. The concern we have is that all of these auto-elevating programs are an obvious target for a local privilege escalation attack to accomplish something similar, if not the same. Imagine finding a way to make the Display control panel execute a 3rd party application with admin privileges, for example.

Now to be clear, it’s not as if this is the only way to achieve local privilege escalation attacks. The Windows kernel itself is a target, and I can’t think of any major desktop OSes that haven’t seen such an attack in the past. But this makes that easier, potentially much easier. And that’s a risky proposition when a UAC prompt may be all that’s left between malware executing and running amok or not.

Certainly someone is going to bite my head off for this, but I don’t think Microsoft should have made such a fundamental change to UAC. More casual users may not have been fond of how Vista or UAC Level 3 handle security, but it was a more secure choice than Level 2. To that end, I certainly wouldn’t recommend running Win7 at the default UAC level for any computer connected to the internet.

On a lighter note, even after using the release version of Win7 for 2 months now, I’m still wondering who thought it was a good idea to make the title bar of maximized windows semi-transparent. Certainly for windowed windows it makes some sense, as you can see what’s underneath. But for maximized windows? If I was concerned for what was under the window, why would I have it maximized?

Finally there’s Windows Mail, or rather the lack of it. Obviously email clients have come under diminished importance in the last few years as web-based email (e.g. Gmail) continues to rise in popularity, but this doesn’t mean that an email client is not necessary.  And I get that Microsoft wants to separate the email client from the operating system so that they can push out major client updates outside of major OS releases.


  Windows Mail: Have you seen me?

But what I don’t get is why there’s any reason good enough for Windows to not come with an email client at all. It’s 2009, why is there an operating system being released without an email client? I only hope that OEMs are adding email clients to their prebuilt computers, otherwise there may be some very confused Windows 7 users as people start snapping up new machines.

The Only 3 Editions You’ll Care About Test Setup
PRINT THIS ARTICLE
Comments Locked

207 Comments

View All Comments

  • Exar3342 - Monday, October 26, 2009 - link

    Darwinosx: "Is this the new mac operating system?"

    Apple store employee: "Yes, it is called 'Snow Leopard'".

    Darwinosx: "I like cats...this must be the best around because of the cute kitty on the box. I will buy it!"

  • JimmyJimmington - Monday, October 26, 2009 - link

    Yup, macs have no security vulnerabilities at all. Exactly.

  • StevoLincolnite - Monday, October 26, 2009 - link

    MacOSX is far from the best Operating system out there, it has a tiny market share, lacks software/API compatibility, and usually comes with rather antiquated hardware, and cheap plastic looks. (Even the Aluminum bodied ones, look cheap and flimsy to me, despite them being of a solid build).

    I usually avoid all Articles based around the Mac because it's completely pointless to read, I have never owned a Mac, I never want to own a Mac, I have used a Mac and hated every moment of it, not because of the "Brand" but because I have to "Search" for OSX variations of the software I use, in such a case the Operating system is useless to me.

    Windows 7 is awesome, been using it since the early Beta's, It's like a "Fine Wine" version of Vista, it's Vista that got better with age. - I don't expect a Mac user to understand the difference's as they are generally limited in intellectual capability.

    ******

    What I REALLY wanted from this article is Windows 7's performance on something like the Atom 230/330 based processors so we can see how usable the Operating system is on such processors.

  • darwinosx - Monday, October 26, 2009 - link

    I didn't say it was the best now did I? But it is certainly better than this band aided and scotch taped version of Vista. I don't have any particular idea of a "best" OS in mind because I work with all of them. I have for 20+ years and I am quite well paid for it. Whereas you still get an allowance from daddy.

    Market share is no measure of how good something is. That is obvious.

    Software/API compatibility? Meaning what exactly? I'd like to hear because I don't think you know.

    Tell me one thing that is antiquated about Mac hardware? Plastic? What plastic? Your comments on the unibody are laughable. I'll leave it at that.

    Oh you had to "search" for Mac software. That must have been difficult for you.

    I understand you are just some teenager who doesn't know anything. But don't think everyone here is the same as you.

  • B3an - Monday, November 2, 2009 - link

    Another moronic Mac user that knows nothing. All your points about about 7 are a joke. Chances are you have not even used it.
    The only "malware fest" was windows XP. I've used Vista since release with UAC turned off - never got anything.
    And yes 7 uses more RAM, as it's a real OS and not a toy, it supports hundreds of thousands of 3rd party hardware and software, it can do a lot more. This tends to increase the complexity of an OS.

    If OSX was actually good enough for most people to use, it would be a security mess as hackers would actually bother to attack it, and theres noway it's as secure as Vista or 7 if it came down to that.

  • Ahmed0 - Monday, October 26, 2009 - link

    Remember kids, dont put your hands through the cage and dont feed the trolls.

  • Lifted - Monday, October 26, 2009 - link

    You should stock up on the pads as it looks like you're in for some heavy flow this month ma'am.

  • Sc4freak - Monday, October 26, 2009 - link

    "But what I don’t get is why there’s any reason good enough for Windows to not come with an email client at all. It’s 2009, why is there an operating system being released without an email client?"

    But you see, that would be violating anti-competition laws and would reduce consumer choice. Bundling Windows Live Mail is clearly unfair to Mozilla Thunderbird, Opera Mail, and all the other email client providers out there!

    Obviously, the solution is that Microsoft must implement a ballot screen into Windows so users can choose whether to use Windows Live Mail or another competing product. Yep.

  • darwinosx - Monday, October 26, 2009 - link

    Bundling these apps was only an issue in Europe not in the U.S. It wasn't all of these apps ether. The biggest issue Microsoft regarding bundling is the browser and they still bundle that. So whatever Microsoft reason is for that it had nothing to do with bundling or anti-trust.

    A bigger question is why in an OS released in 2009 do you still need to manually defrag, still need registry cleaners, layers of anti-malware, and various other 3rd party utilities just to make it usable and semi-reliable? Pretty sad.

  • ProDigit - Tuesday, October 27, 2009 - link

    I prefer to do these things manually!
    Automatic defrag in Vista and 7 is one of the major reasons for a degrading OS over time (in speed).
    I prefer keeping control over many of the 'automatic' services,which somehow always seem to interfere with performance..
    Ever played a game,and in the middle noticed a virusscan was happening on the background?
    Or what about just silently reading a webpage, on the last of your battery of a laptop, and noticing how the HDD light flickers like crazy, making this annoying HDD sound while you're reading?

    Those are the curses of the automatic tasks.
    One of the first thing I did with XP and win98, when it got released,was disable the automatic task scheduler!
    Some find automatic tasks a blessing, some a curse.

    A Defrag on a normal system should be done twice or trice a year, not every day like Vista (provided if you stay above the 20% freespace).
Copyright © 2024. All rights reserved.
BENCH
TOPICS
FOLLOW
ABOUT

Log in

Don't have an account? Sign up now