The Rough Edges

The first thing that bothers us is a technical matter: the addition of various levels of UAC, and the security ramifications of that. We’ve talked about this before in our look at the release candidate, but it bears repeating.

With the changes made to Windows 7, at the default UAC level of 2, signed Microsoft executables are auto-elevated to admin privileges when run by an admin. This primarily manifests itself in the Control Panel, where most of the panels are allowed to auto-elevate so that users may make changes without facing a UAC prompt.

There’s certainly a benefit to this in terms of user interaction, since the Control Panel and installing software are the two most common admin-level tasks a user will do. The latter is a repeating occurrence, but the former is something that usually only happens once when the computer is set up. So by making this change, the new-user experience involves less UAC.


The UAC Control Panel With Level Slider

It’s the security ramifications of this that concern us. Someone already managed to exploit this in the pre-RC phase (where the UAC control panel itself was auto-elevating) to disable UAC entirely. The concern we have is that all of these auto-elevating programs are an obvious target for a local privilege escalation attack to accomplish something similar, if not the same. Imagine finding a way to make the Display control panel execute a 3rd party application with admin privileges, for example.

Now to be clear, it’s not as if this is the only way to achieve local privilege escalation attacks. The Windows kernel itself is a target, and I can’t think of any major desktop OSes that haven’t seen such an attack in the past. But this makes that easier, potentially much easier. And that’s a risky proposition when a UAC prompt may be all that’s left between malware executing and running amok or not.

Certainly someone is going to bite my head off for this, but I don’t think Microsoft should have made such a fundamental change to UAC. More casual users may not have been fond of how Vista or UAC Level 3 handle security, but it was a more secure choice than Level 2. To that end, I certainly wouldn’t recommend running Win7 at the default UAC level for any computer connected to the internet.
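
Which level a given machine is running at can be read from the UAC policy values in the registry. The PowerShell below is an added example, not part of the original article: `Get-UacLevel` is a hypothetical helper name, the 0-3 level numbering is inferred from the article's "Level 2" and "Level 3", and it assumes PowerShell 3.0 or later.

```powershell
# Added example: classify UAC policy values as a Windows 7 slider position.
# Level numbers 0-3 are an assumption taken from the article's usage
# (2 = default, 3 = Vista-style "always notify").
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacLevel {   # hypothetical helper name
    param(
        # Hashtable of captured values; omit it to read the local registry.
        [hashtable]$Values
    )
    if ($null -eq $Values) {
        $p = Get-ItemProperty -Path $UacKey
        $Values = @{
            EnableLUA                  = $p.EnableLUA
            ConsentPromptBehaviorAdmin = $p.ConsentPromptBehaviorAdmin
            PromptOnSecureDesktop      = $p.PromptOnSecureDesktop
        }
    }
    $lua     = $Values.EnableLUA
    $consent = $Values.ConsentPromptBehaviorAdmin
    $secure  = $Values.PromptOnSecureDesktop

    if     ($lua -eq 0)                        { $level = 0; $name = 'UAC disabled' }
    elseif ($consent -eq 0)                    { $level = 0; $name = 'Never notify' }
    elseif ($consent -eq 5 -and $secure -eq 0) { $level = 1; $name = 'Default, no secure desktop' }
    elseif ($consent -eq 5 -and $secure -eq 1) { $level = 2; $name = 'Default' }
    elseif ($consent -eq 2 -and $secure -eq 1) { $level = 3; $name = 'Always notify' }
    else   { $level = $null; $name = 'Custom policy, not a slider position' }

    [pscustomobject]@{
        Level = $level
        Name  = $name
        # Value 5 prompts only for non-Windows binaries, so signed Windows
        # components elevate without a prompt (the behaviour discussed above).
        WindowsBinariesAutoElevate = ($lua -ne 0 -and $consent -eq 5)
        MeetsArticleAdvice         = ($level -eq 3)
    }
}

# Constructed sample values (not from a real machine): the Windows 7 default.
Get-UacLevel -Values @{ EnableLUA = 1; ConsentPromptBehaviorAdmin = 5; PromptOnSecureDesktop = 1 }

# Audit the machine this runs on.
Get-UacLevel
```

Any other combination of values (for example a credential prompt set by Group Policy) is reported as a custom policy and not forced onto the slider.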

On a lighter note, even after using the release version of Win7 for 2 months now, I’m still wondering who thought it was a good idea to make the title bar of maximized windows semi-transparent. Certainly for windowed windows it makes some sense, as you can see what’s underneath. But for maximized windows? If I was concerned for what was under the window, why would I have it maximized?

Finally there’s Windows Mail, or rather the lack of it. Obviously email clients have diminished in importance in the last few years as web-based email (e.g. Gmail) continues to rise in popularity, but this doesn’t mean that an email client is not necessary. And I get that Microsoft wants to separate the email client from the operating system so that they can push out major client updates outside of major OS releases.


  Windows Mail: Have you seen me?

But what I don’t get is what reason could be good enough for Windows to not come with an email client at all. It’s 2009, why is there an operating system being released without an email client? I only hope that OEMs are adding email clients to their prebuilt computers, otherwise there may be some very confused Windows 7 users as people start snapping up new machines.


207 Comments


  • DominionSeraph - Monday, October 26, 2009

    "I just don't understand why holdouts on XP like to argue how good it is in comparison to Vista"

    Because they tried to cram Vista on to a PIII with 256MB of ram, and they're too young to have known REAL speed: Windows 98SE.
  • chrnochime - Tuesday, October 27, 2009

    Yes but with that REAL speed came frequent BSODs for me. I stuck with 98SE until end of 2002(!) and after moving over to XP, no more BSOD. Exact same hardware too.
  • ProDigit - Tuesday, October 27, 2009

    What are you saying?

    Vista runs slacky on just about any laptop with specs lower than Core2Duo T5500, or Core2Duo's with lower than 1MB L cache, and a drive slower than 5200rpm.

    Even on an AMD dualcore 2,4Ghz with 4GB of RAM, I noticed the OS being sluggish!
    It performs worse than MacOs, XP, Linux, and Win7!
    It is possibly the worst OS ever created!
  • Genx87 - Tuesday, October 27, 2009

    I think just about any OS will slack when you stick it on a 4200 RPM drive. I am assuming you meant 4200 instead of 5200?

    I had Dell laptops back in 03-04 that performed like 386's because some bean counter figured we can save 20 bucks a laptop using 4200 rpm drives. Idiot didn't think about the wasted productivity when the user waits 10 minutes for the thing to boot and 2 mins to open Outlook.

  • DominionSeraph - Tuesday, October 27, 2009

    XP ain't no sprite. When my Vista box went down, I ripped out its X2 5200+ to replace my backup XP box's 3200+, and with that huge leap it now equals what my Vista box was like.
    There really ain't a difference once you go dual-core with decent specs.

    Compare this to Win 98. Whereas XP dogs a 3200+ with 2GB, 98 has sub-10 second boot times on a PIII 700MHz, and you aren't gonna notice a difference in snappiness from a Celeron 400. (You don't get any faster than 'instant'.)

    XP is bloatware and really doesn't have a hardware niche. Anything that can't run Vista would be better off with Win98.

  • poached - Wednesday, October 28, 2009

    But you can't get drivers for Windows 98. The installer will probably crash if you tried. Plus, 98 was really unstable (compared to OSs of today) because programs could corrupt the memory easily. Not to mention no security of any kind. There is a penalty to make OS secure and stable.
  • pullmyfoot - Monday, October 26, 2009

    I bought Vista when it came out and dual booted it with XP. I didn't really like it, and Vista almost never got used. It was like that for a year and a half, and then I installed the W7 RC. I have not missed XP one bit.

    As for the people who say W7 is less snappy than XP, well in my own experience W7 feels more snappy than XP to me any day.
  • ProDigit - Tuesday, October 27, 2009

    I noticed the opposite when testing XP VS Win7 RC and Beta.
    I found XP to be more snappy than Win7, running it from a lower specced laptop.
    I did have XP optimized though. Perhaps if I give the final version of Win7 a Win2000 theme, and optimize it a bit, it will be as snappy as XP.
  • andrewaggb - Tuesday, October 27, 2009

    I'd be curious if you can get it to feel as fast as xp on a really slow laptop. I sold my netbook a year ago (1024x600 didn't cut it), but now that you can get ones with a better resolution screen I might consider getting another one with win7 if it doesn't run awful.
