ABOUT BENCH FORUMS PODCAST LOGIN REGISTER
PC Components
Smartphones & tablets
Systems
ENTERPRISE & IT
GUIDES
DEALS

Windows 7 Performance Guide

 by Ryan Smith and Gary Key on October 26, 2009 12:00 AM EST
207 Comments | Add A Comment
207 Comments

The Rough Edges

The first thing that bothers us is a technical matter, and that is the addition of various levels of UAC , and the security ramifications of that. We’ve talked about this before in our look at the release candidate, but it bears repeating.

With the changes made to Windows 7, at the default UAC level of 2, signed Microsoft executables are auto-elevated to admin privileges when run by an admin. This primarily manifests itself in the Control Panel, where most of the panels are allowed to auto-elevate so that users may make changes without facing a UAC prompt.

There’s certainly a benefit to this in terms of user interaction, since the Control Panel and installing software are the two most common admin-level tasks a user will do. The latter is a repeating occurrence, but the former is something that usually only happens once when the computer is set up. So by making this change, the new-user experience involves less UAC.


The UAC Control Panel With Level Slider

It’s the security ramifications of this that concern us. Someone already managed to exploit this in the pre-RC phase (where the UAC control panel itself was auto-elevating) to disable UAC entirely. The concern we have is that all of these auto-elevating programs are an obvious target for a local privilege escalation attack to accomplish something similar, if not the same. Imagine finding a way to make the Display control panel execute a 3rd party application with admin privileges, for example.

Now to be clear, it’s not as if this is the only way to achieve local privilege escalation attacks. The Windows kernel itself is a target, and I can’t think of any major desktop OSes that haven’t seen such an attack in the past. But this makes that easier, potentially much easier. And that’s a risky proposition when a UAC prompt may be all that’s left between malware executing and running amok or not.

Certainly someone is going to bite my head off for this, but I don’t think Microsoft should have made such a fundamental change to UAC. More casual users may not have been fond of how Vista or UAC Level 3 handle security, but it was a more secure choice than Level 2. To that end, I certainly wouldn’t recommend running Win7 at the default UAC level for any computer connected to the internet.

On a lighter note, even after using the release version of Win7 for 2 months now, I’m still wondering who thought it was a good idea to make the title bar of maximized windows semi-transparent. Certainly for windowed windows it makes some sense, as you can see what’s underneath. But for maximized windows? If I was concerned for what was under the window, why would I have it maximized?

Finally there’s Windows Mail, or rather the lack of it. Obviously email clients have come under diminished importance in the last few years as web-based email (e.g. Gmail) continues to rise in popularity, but this doesn’t mean that an email client is not necessary.  And I get that Microsoft wants to separate the email client from the operating system so that they can push out major client updates outside of major OS releases.


  Windows Mail: Have you seen me?

But what I don’t get is why there’s any reason good enough for Windows to not come with an email client at all. It’s 2009, why is there an operating system being released without an email client? I only hope that OEMs are adding email clients to their prebuilt computers, otherwise there may be some very confused Windows 7 users as people start snapping up new machines.

The Only 3 Editions You’ll Care About Test Setup
PRINT THIS ARTICLE
Comments Locked

207 Comments

View All Comments

  • DominionSeraph - Monday, October 26, 2009 - link

    Is it really that difficult to download WinZip to open .zip files? And WinAmp to play MP3s? MusicMatch Jukebox for ripping and converting? ACDSee to view jpegs? CloneCD to burn?

    More functionality is better.

    Now they just need to get ISO mounting.

  • Genx87 - Wednesday, October 28, 2009 - link

    Hey i was impressed they put .ISO burning as a native function of the OS. God that is nice to not have to install Roxio or Nero to perform that one function.

  • Dug - Monday, October 26, 2009 - link

    Really need to show how much better 7 is in a domain environment. Vista is a nightmare in the workplace, especially with networks. Vista has really slow file transfers, slow authentication, really bad switching from wired to wireless. Constant time outs from explorer or Outlook. Errors trying to update the OS. List goes on and on.

  • Genx87 - Wednesday, October 28, 2009 - link

    Sounds to me like you may have other issues if you are having timeouts in Outlook and Windows explorer and cant update the clients. We have about 30% of our user base using Vista 32. They have for the most part been pretty solid. The biggest issue was the person before me on the initial batch bought machines with 1GB of ram. /shake head

    After doubling and quadrupling that the machines run solid.

    The slow transfers were fixed in SP1 over a year ago.

  • Peroxyde - Monday, October 26, 2009 - link

    At home I only need Windows to work on some MS Office 2007 documents. I can live without the Windows 7 new features. So here is the fastest Windows and the safest you can have: Use Linux + Virtual Machine (Ubuntu 9.04 x64 and Virtualbox 3.08 in my case). The VM have WinXP + SP3, auto updates. After that, I configure XP so that it can no longer access the Internet. Results: a fast and low resource Windows (only XP and the few programs I need, zero anti virus). Unlike its numerous XP fellows this one is unattackable.

  • tomaccogoats - Monday, October 26, 2009 - link

    Anandtech really needs a dedicated person on its team with better knowledge of linux. It's a computer site, and I'd compare the level of linux no-how to that of a high-school student who's been playing around with it a bit. Ubuntu 9.10 has in essence been around for a while now, and I'm surprised no one's even bothered to look at it. Also you can set ubuntu to get A LOT better battery life numbers. Just my $.02

  • Chlorus - Tuesday, October 27, 2009 - link

    Maybe because its garbage? Maybe because the application base of Linux is almost nonexistent? Maybe because it barely supports any of the latest hardware? Maybe because the ABI situation is a clusterfuck? Maybe because those battery-life improving tweaks involve removing some functionality?

  • LoneWolf15 - Monday, October 26, 2009 - link

    I found some 25% off coupons still lurking around the web back in August and got myself a Technet Plus subscription. For $261, I got one license of Win7 Ultimate one of Premium, one of Professional, and more importantly, a MAK (multiple-activation key) for using Enterprise.

    That's not including the licenses for Office 2007 and a ton of other MS products. Well worth the price and at the end of the year's membership, your licenses are still valid --just keep copies of your .ISOs and keys. Subscription renewal prices are also lower than first-time.

  • MrPete123 - Monday, October 26, 2009 - link

    With respect to hibernating... don't the Vista/Win7 64-bit laptops have 4 gigs of RAM they have to store, while XP 32-bit only has ~3 gigs accessible? Seems like that would artificially affect the performance.

    Also, why didn't you run Win7 FF + FlashBlock?

  • Ryan Smith - Monday, October 26, 2009 - link

    Check the Mobility article that data was pulled from. If the answer isn't there, you'll have to ask Jarred.
Copyright © 2024. All rights reserved.
BENCH
TOPICS
FOLLOW
ABOUT

Log in

Don't have an account? Sign up now