Windows 10 News: New Authentication, New Storage Savings, And Launch Timeframe
by Brett Howse on March 18, 2015 2:35 AM EST- Posted in
- Operating Systems
- Microsoft
- Windows 10
Microsoft has been busy releasing news of upcoming Windows 10 features which will improve several age old issues. The password has been a thorn in the side of users since its inception, and with Windows Hello, Microsoft may have an answer to that. They have also detailed the evolution of their System Volume space savings which first debuted last year with WIMBoot. Finally, Microsoft has finally confirmed a launch timeframe for Windows 10, which will ship “this summer” in many countries and languages.
Windows Hello
With Windows Hello, Microsoft is taking a new spin (for them) at authentication. Everyone knows about passwords, and most people are aware of the many issues with passwords, such as password reuse, non-strong passwords, and the like. Passwords are great for computers, but awful for people. Truly strong passwords need to be unique per system or site, and should be long alphanumeric strings. The problem is people are not good with passwords. Windows Hello wants to solve this with multifactor authentication using biometrics and physical devices. Yes, we have seen biometrics before. Even on Windows, device makers like Lenovo have been including fingerprint scanners for many years. We have seen the rise of the TouchID fingerprint reader on the iPhone, which owners have embraced as a much easier way to authenticate themselves to their phone.
Microsoft will be taking a two pronged approach to authentication. The first is the actual authentication. Windows Hello will work with several biometrics, including fingerprint scanners, facial recognition, and iris scanning, as examples. This will be used in conjunction with hardware cryptography on the device to unlock the device. Microsoft is claiming false unlocks at around one in one hundred thousand. Fingerprints are well known, but the facial recognition will not rely on just a webcam, but rather will require new hardware such as the Intel RealSense 3D Cameras to ensure that it is a real person in front of the device and not just a photo. The unlock is tied to the actual device, and none of the unlock information is ever sent off of the device. Existing fingerprint readers can be used with Windows Hello.
Intel RealSense 3D Camera Module
Since this is not even in the latest build of Windows 10, there are a lot of questions still to be answered. Microsoft has said that they have evolved authentication from what they have learned with Kinect, so they do have some background with this technology. However my experience with Kinect is that it is not very good at authenticating, and with something as important as unlocking my PC I will be skeptical until proven otherwise. Regardless, it is hard to deny that the password has outlived its usefulness, so any research and advancement in this area can only be a good thing.
The second prong of the approach is using your device authentication to allow access to services and websites which require authentication. Microsoft is integrating Windows Hello into a new service code named Passport. Passport is a method of authenticating to external services using public-private key cryptography. Rather than login to OneDrive.com (as an example) with a username and password, and possibly a second factor like an authenticator app, you will log in to your device with Windows Hello (which is two factors – your device and your biometrics), and your device will then authenticate to the service using public-private crypto. This way, if a service is ever compromised, the attacker would just get a public key for your user, which would be useless. The private key would be locked on your device. Passport will be integrated with Azure Active Directory on day one, and Microsoft is hoping to expand the capability of the service through the FIDO alliance. As with anything security related, this is a good step, but we need to see the full details.
WIMBoot Evolution
Windows 8.1 Update 1 brought along a piece of technology called WIMBoot, which allowed Windows to save space on the system drive by keeping the system files in a compressed WIM (Windows Imaging) file on the recovery partition. Traditionally, files are kept as the WIM file for recovery and extracted to the C: drive for use by the operating system. WIMBoot allowed system manufacturers to free up space by removing the redundant files and just using the compressed copy. It was not perfect though. OEMs could still add in their own files to the WIM, significantly increasing the size of the recovery partition. These files could never be removed, so if an OEM just stuck a bunch of unnecessary software in the WIM, that space could never be reclaimed. The recovery partition could not be removed on devices with WIMboot. Although the idea of booting off of the WIM file had merit, it was not always ideal.
Microsoft is evolving this process. Instead of keeping system files in a compressed WIM file on the recovery partition, they have instead gotten rid of the recovery partition. This will free up a significant amount of space that is often dedicated to this, even on devices which never used WIMBoot. The new reset and refresh functionality will rebuild the operating system in place using runtime system files. This takes up less space, and it will keep security updates for system files in place to avoid having to download them again after recovery.
Also, Windows 10 will compress system files if appropriate to the system. During the upgrade, the process will look at several factors and compress the system files if doing so will not adversely affect system performance. This likely means that the system has enough processing power and disk speed that impact will be minimal or non-existent. OEMs will be able to determine if their devices can and should have this done as well, and incorporate It into new devices.
Windows Store apps will also benefit from this compression. This will allow more user data to be stored, which is a win, especially on low cost devices with limited storage.
Microsoft is claiming this new compression and lack of a recovery partition can free up over six gigabytes on a 64 bit system. In practice, it could easily be much higher, since the recovery partition can be well over seven gigabytes on its own once the additional software is added. However, their numbers would most likely be comparing to a device which did not leverage WIMBoot in the first place.
Windows 10 Launch Timeframe
The final bit of news from the software company is that Windows 10 is going to ship “this summer” in 190 countries and 111 languages. They have also detailed how they hope to get the free upgrade to Windows 10 underway. In China, partnerships with Lenovo, Tencent, and Qihu 360 will assist customers in getting the upgrade done. Lenovo will offer Windows 10 upgrades at 2,500 service centers and retail stores in China. Tencent will offer free upgrades to Windows 10 for its customers as part of an upgrade pack which also includes some of their own software. They will also be creating a universal app for their QQ app which has over 800 million customers in China, as well as bringing some of their gaming IP such as League of Legends to the Windows Store. Qihu 360 will also be offering Windows 10 to their customers with streamlined installations and accelerated download speeds.
With the current state of the Windows 10 Technical Preview, it seems hard to believe that Windows 10 will be launched by September at the latest. However we have not seen a new build for Windows Insiders since the January build came, so internally employees may be working on much more stable code. Hopefully this is the case, and hopefully the speed of new builds is increased as well. There has been news in the Windows 10 Insider Hub that the rollout of new builds is going to increase, but that has not happened yet. I would get a quote from the Insider Hub, but the app will not currently launch on my Windows 10 desktop which explains my surprise at the launch timeframe being so soon.
If Microsoft can hit the back to school crowd, it would certainly help out with both PC sales and Windows 10 market penetration, but that is not something that they have hit with either Windows Vista or Windows 8 or any of its derivatives.
Source:
Windows Blog: Windows Hello, WIMBoot Evolution, Windows 10 Launch Timeframe
Facebook
Twitter
RSS
48 Comments
View All Comments
antihelten - Wednesday, March 18, 2015 - link
Quote from Insider Hub:"
We’ve heard your feedback asking for more frequent builds—and as Gabe mentioned in his recent blog post, we’ve probably been too conservative about pushing builds to the Fast ring for Windows Insiders. So we’re preparing to speed up the build releases for those who want to live life in the Fast lane.
The good news is that Insiders who choose Fast will be getting fresher code, with all of the features and fixes, more often. The potential downside is that as we go faster, the builds will likely include more bugs with fewer workarounds. If this doesn’t sound like something you want to deal with, now is your time to switch to Slow.
On your PC, you can change this option in Settings > Update & recovery > Advanced options:
On your phone, you can change this setting in the Windows Insider app:
Going forward there will be a more discernable difference between the cadence and level of polish of preview builds sent to our Fast and Slow rings. Insiders who choose to keep the default setting of Slow will still receive preview builds, however they will arrive less frequently and with a higher degree of polish."
I tried changing to "fast" updates and updating, but nothing except an update for windows defender and a system hardware update popped up.
Shivansps - Wednesday, March 18, 2015 - link
I hope the evolution of wimboot is good, wimboot on Windows 8.1 is a dissaster, it saves you maybe 1gb of space on a x86 install and performance IS affected.FlushedBubblyJock - Wednesday, March 25, 2015 - link
More hidden inaccessible partitions or files - you don't have permissions, man I've got to say I just hate it.Quite a long time ago I had to load up some secret hidden WIM reinstall/recovery deal on a laptop to get the OS back - I had to go hunting for the MSFT loader files from some IT package, then dos text the whole deal to load it up and suck the giant gigs of OS out - what really surprised me is "the WIM file was reported as taking up no space".
Now, we know it took up space eve when hidden, but the drive free space reports never indicated that - but load that puppy up off the harddrive, and sure enough the massive gigs it used suddenly were deducted from the free space checks...
So that crazy hidden WIM thing is just another way IMO to lock end users out and hide from 99%+ of the public what they really have on the end users system.
Millenium had a 3mb hidden secret partition as I recall (perhaps incorrectly) win 7 grabs 100MB for it's secrets that I know of, and then win 8 suddenly desired 350MB ... I scoped out the win 7 hidden 100MB once though I forget what it was because I found nothing of interest.
Anyway, pulling out the sharp daggers with some "Take Ownership" progs ready is already required, and sooner or later, mostly sooner, accessing your own hard drive is going to be some kind of crime it seems.
I'm exaggerating but not by all that much.
All that above explains why saving 1GB is such a great thing...wimboot - so important in the age of terabyte drives - yes I'm sure it's for security... against the terrorist hackers...
BittenRottenApple - Wednesday, March 18, 2015 - link
They better fix all of those bugs they've created with the January update since it was just offensive. As someone who's tested every possible bit of software for Microsoft from Vista on, I've never been more infuriated with an OS than I was with 10. Aesthetically, their initial release which was just Windows 8 with a Windows 7/8 hybrid start was lovely, then the got uglier as it went on and less usable. They started grouping things by letters which took up unnecessary space. Then they got rid of multi-column view in the full page start so you had the Modern App tiles on one side and a tiny column of apps on the left. The new 10 icons are horrendous and too blown out so they look even worse on crappier monitors or poorly calibrated ones. It's just terrible what they did. PC Settings is now strictly a Modern App that has added 800 clicks to get to things. Charms is disabled even though that was really helpful. Windows+P takes forever to load since it's now looking for wireless displays to connect to. Clicking the wifi icon no longer brings up a mini menu that allows you to pick your connection from that location like it did in 7 and 8. Instead you have to go through that piece of shit PC Settings. Also they decided to do away with update install history so you can't see what's fucking up your computer. The roll back feature didn't work on my prior Windows 8.1 PC, so I had to nuke everything and lose hundreds of gigs because of it. Got 90% back thanks to Recuva. I just really fucking hated Windows 10. It looks ugly and is just a cluster fuck of shit. I hate Cortana, hate that the Windows 7 search that was present in the beginning of the Tech Preview isn't there anymore. Too much unused spaces, and too many non-modern apps now being forced into modern, like PC Settings and Calculator. God it fucking sucks.kingpotnoodle - Wednesday, March 18, 2015 - link
Sounds like you make the rookie mistake of installing incomplete software for testing on a PC without taking a proper backup first. OS testing shouldn't end with Recuva no matter how unsuccessful it was...close - Wednesday, March 18, 2015 - link
You're infuriated that a piece of beta software (an OS even) isn't 100% stable and some features are changed every once in a while or are not really "finished", right? I don't know what kind of "tests" you do with "every possible bit of software for Microsoft from Vista on" but you don't seem to grasp some basic concepts: at this stage of the development the OS is still very much work in progress. It's like complaining that your kids don't bring in the big bucks.Rookie indeed.
mkozakewich - Wednesday, March 18, 2015 - link
In his defence, I felt much the same about the stable release of Windows 7. They took out useful features and loaded it up with space-taking cruft. They removed even more features with Windows 8, but at least they added some good things (like the Charms bar).BrokenCrayons - Friday, March 20, 2015 - link
I can understand being upset about the changes and disliking the direction Microsoft is taking their OS. In fact, the idea of reading data about my face is a little alarming. I really don't want biometric information about me to be accessible on a device that is connected to the Internet because of the risk of it being captured by a third party. I really don't even like the idea of a camera being constantly connected to my computer much less something that can create 3d models of me on the fly. Yeah, yeah, I know it's a little tinfoil-ish to think that way, but the number of sickos who turn on web cams remotely on computers in bedrooms makes me a little worried about even sitting down behind a computer without a top, much less leaving one laying around where it can see me going from like a bath to my dresser. There's a lot of perverts out there and some of them are working very hard to get access to cams to do disgusting things or create vids to post all over the web that follow you for the rest of your life. So for me, passwords and non-biometric, non-camera equipped systems are totally preferred. If something goes wrong with my password, I'll take responsibility for it. The other thing I really dislike about modern Windows OSes, which isn't just a MS thing because Google is millions of times worse with their software products, is the heavy pushing of linking local access to your Hotmail/Live/Outlook account which has lots of scary implications too. All that is not at all good stuff or I think worth the trade-offs in having the extra features which is what drove me to go try Linux distros. Yeah they have their own problems too, but I've been happily learning (slowly for like the last year which has been a kinda struggle) how to do everything I wanna do in Mint and Lubuntu. It's pretty much the last bastion of operating systems that aren't invasive data logging monsters and I really hope it stays that way.FlushedBubblyJock - Wednesday, March 25, 2015 - link
I agree, they will have everything connected, then when one gets compromised, it's all going bye bye.The NSA and Homeland Security love it though - makes theirs and the other criminals jobs easier.
They keep wailing about scams and hacks and people losing their accounts( but they want it all baked into one gigantic cookie) so that any single used site or service smokes the entire sausage...
That always works out well...
FlushedBubblyJock - Wednesday, March 25, 2015 - link
Thanks for the update and opinions, I've been just diddling around with 10 and don't always let them update - but I'm certain by your explanation of things they haven't got clue one and would prefer we all let them control everything - as they justify their code writing by further embedding every setting deeper and deeper within revolving door pop up windows...Nothing user friendly must remain - soon "it"(whatever setting you need to change) will be back in the dialog it resided in under windows98, but yeah, it will take 15 clicks to get there, 25 when you're trying to remember their last 5 changes from their last 5 OS'es.