Windows 8’s Unpleasant Split Personality

Windows 8 is the spiritual successor to the OS that must not be named–you know, the one that forced Microsoft to keep the XP licensing desk open almost five years after its planned end date.

The issue isn’t just that Metro (excuse me, “Modern UI”) will, like Vista’s UI, annoy users to no end with its bloated, full-screen or second-monitor interface with applications represented as varying-size cubes. Ever try to find the right icon on an overcrowded desktop? Add clashing primary colors to the mix. No, the big problem with Windows 8 is that Microsoft is not executing on tying touch and conventional computing devices into a single, unified OS.

An integrated PC/tablet/phone platform is a neat idea, predicated on the concept that IT can give users standard business desktop builds on their PCs and tablets. Great in theory, but problematic because these apps tend not to work on the ARM processors that modern tablets use; they’re limited to x86/x64 architectures from AMD or Intel. ARM is here to stay–these processors have a substantially better power-utilization profile than x86/x64 microarchitectures, and power is the single biggest problem in mobility. Energy storage sucks, and processors are hungry. ARM chips are nearly 30% better on energy use than x64, and that’s a big deal because the last major advance in battery technology was the invention of lithium ion cells by Exxon in the ’70s. So why would anyone want to push lousier power efficiency chips into the tablet market when usage times are already abysmal?

Enter Microsoft’s new “unified” development framework for desktops and tablets, Win RT. RT was supposed to remedy this defect in compatibility by providing a common framework for device application development, but it doesn’t. Because Metro plug-ins are compiled for x86/x64 and won’t run on ARM, you can forget about the plug-ins that are a large part of the new functionality of Win 8 on your ARM devices. But even worse, Microsoft has no plans to extend an intermediate software language layer, which would allow standard x86/x64 apps to run on Win 8 ARM edition. Further, .NET and Silverlight are not supported on ARM, so let’s start rewriting everything that’s in .NET for ARM. Or not.

Microsoft could write a layer of intermediary code to make apps cross-architecture-compatible; after all, it’s done it before with Microsoft Intermediate Language for .NET. Intermediary languages translate higher-level application instructions into native architecture instructions in real time or through the use of a virtual machine, which essentially makes MSIL a form of local app virtualization. Yes, MSIL adds overhead and potentially headaches in maintenance and performance, but it’s really the only way to get non-native apps on the ARM platform seamlessly. Of course it’s possible to get any sort of application you want on any platform with a terminal or VDI delivery approach, but variances in screen size, lack of basic touch compatibility (or transport of touch gestures), and non-native interfaces make this a difficult value proposition at best, and a nightmare at worst.

Apple steals from Windows Update playbook for OS X Mountain Lion

Apple will boost the frequency of security updates in OS X Mountain Lion and automatically install required patches for users, steps that bring it into line with Microsoft’s practices.

In an update Monday to Mountain Lion’s Developer Preview 4, Apple supplied what it called “Security Test Update Test 1.0.” As the name implied, the update was a test of Mountain Lion’s new security infrastructure, which presumably was put into place earlier.

Several Apple-specific blogs, including MacRumors, reported on the update and posted screenshots of the accompanying text that described it to developers and testers.

Although Apple has disclosed many Mountain Lion features, it has not revealed all those slated for the upgrade: Until Monday, there had been few hints of changes to OS X’s security update process.

According to the update’s description, Mountain Lion checks for security updates daily — a frequency increase from the weekly checks that are the default in previous editions of OS X — and will install those updates automatically for the user, either at the time they’re downloaded or at a machine restart.

By comparison, Leopard and later will only download updates and notify users when they’re available. It’s up to users, however, to install security and feature updates.

Apple also said it beefed up the security of the connections between customers’ Macs and its update servers, hinting at the same kind of improvement in encryption that Microsoft made this month after Flame, an advanced super-spy kit, was found to fake Windows Update downloads.

The security changes in Mountain Lion bring OS X to parity with Windows, which has long checked for patch updates daily, and which by default automatically downloads and installs those updates for users.

Security experts will probably applaud: Most have argued that the less users are asked to do, the more likely they are to keep their machines up-to-date.

It’s possible that Apple has had these improvements in mind for a considerable time, but they could also be part of the company’s response to attacks earlier this year that infected an estimated 600,000 Macs with the Flashback malware.

Apple has made other moves recently that may also have been triggered by the Flashback campaign, including patching Java on the same day that Oracle fixed the flaws for other operating systems; shipping the first security-related update in nearly a year for the unsupported OS X Leopard; and blocking outdated versions of the Flash Player plug-in from running in Safari.

Apple has not set a release date for Mountain Lion, but has promised that the upgrade will go on sale in July for $19.99 at the Mac App Store.

If Apple follows the same release track for Mountain Lion that it used last year for Lion, the most likely release date will be July 25.

The complete business guide to Windows 8

With the final RTM (Release to Manufacturing) version of Windows 8 coming as early as July, now is the perfect time for businesses to start thinking about what to do when Windows 8 starts showing up as an option on new PCs this autumn. So to help TechRadar has put together this comprehensive guide to what Windows 8 will be able to do for your business.

The first thing you should do – if you haven’t already – is to download the Windows 8 Release Preview. Although we already know there will be further changes to the Windows 8 interface – the Metro start screen is here to stay but the Windows desktop will get a new look without Aero Glass that may make the transition between metro-style and desktop apps feel more seamless – there will be very few changes to functionality and the Release Preview is being promoted by Microsoft as ready for businesses to try out.

Despite all the changes, Windows is still Windows complete with desktop and programsDespite all the changes, Windows is still Windows complete with desktop and programs

One of the most important points for businesses is that Windows 8 is Windows and not a cut-down version of Windows or a new incompatible operating system. If you buy a Windows 8 tablet you get a tablet that can run the full version of Office, and all the other Windows applications you need, and that will work with all the peripherals you already have.

PC makers are claiming you’ll get around ten hours of battery life, and many Windows 8 tablets will come with keyboard docking stations that will enhance the battery life.

Both versions of Windows (Windows Pro and Windows RT) also have a Metro remote desktop app; a very friendly interface for making a remote connection to your work PC from home when you need to get at files and applications.

The Metro start screen is proving controversial; however the new Metro interface for Windows 8 has undeniable advantages that businesses will appreciate. Many of these advantages will be useful on current PCs, but the real advantages will only be seen with new PCs with touch screens and gesture-enabled trackpads, as well as security hardware like Unified Extensible Firmware Interface (UEFI) – which replaces the traditional PC BIOS- and encrypted disks that businesses will appreciate.

Even the Start screen has a business purpose; pin secondary tiles for key topics in future Metro business apps like SAP and Microsoft Dynamics and your Start screen turns into a personalised dashboard; think Active Desktop and gadgets/widgets on steroids.
Faster booting and more memory for apps

Put Windows 8 on an existing PC and it will boot faster; nearly twice as fast in some of our tests, and resuming from hibernation is around a third faster. Performance always depends on what you’re doing on your PC but even in the Consumer Preview we found it generally about 10% faster (you can expect that to improve in the final release), and IE 10 is a faster browser than IE 9, especially for JavaScript-heavy Web apps.

Some of that increase in speed comes from two places; the Windows 8 operating system uses much less memory than its predecessors, and the way it shares a single-in memory copy of common libraries between applications, rather than filling up memory with a copy for each application that uses it. And that means programs can use more memory before they start paging out to slower disk-based virtual memory. Additionally the Metro-style apps save their state, so Windows can reclaim their memory any time you don’t have them open on screen, but you can still switch back to them as if they were still running.
Better battery life for laptops

Given how common laptops are now, improvements in battery life alone might make an upgrade to Windows 8 worthwhile for business users who need to work on the road; we’ve seen up to an hour more battery life on notebooks upgraded to Windows 8.

However you do have to be careful about not leaving USB sticks and SD cards plugged in; some of the power savings come from how aggressive Windows 8 is about turning off ports that aren’t in use, so leaving a USB stick in when you’re done using it makes a noticeable difference in battery life.

Battery life is one of the areas where new PCs will do better than today’s hardware as well. Microsoft is pushing PC makers to use low-power memory, higher capacity SSDs and GPUs and networking hardware that can take more of the load off the CPU, by making them requirements for the new Connected Standby state. This new state lets your PC stay on with the screen off (like a phone) and stay up-to-date with messages (in a Metro-style app) without running down the battery.

The great news is that this power saving is not just for Windows RT tablets and notebooks; it works on x86 PCs as long as they have a low-power integrated ‘System on Chip’ CPU and matching low-power components.
Fixing Windows 8 without reformatting

If you don’t have a real department with a helpdesk to sort things out, the new options for fixing your PC will be welcome. You can refresh your system, reinstalling Windows without losing your files, your user account or your Metro apps.

Unfortunately desktop apps get deleted in a refresh but it’s not hard to create an image with your installed desktop apps as well and use that to refresh with, so you can get your PC setup the way you like and keep it that way. And if someone leaves and you need to pass their PC on to another employee, removing all trace of the old user and setting up a clean copy of Windows is just as easy.

If you make an image that includes desktop apps, you can just replace Windows files and keep everything you’ve installedIf you make an image that includes desktop apps, you can just replace Windows files and keep everything you’ve installed.

Improved networking and especially better mobile broadband will also be a big help to business users. Wi-Fi in Windows 8 is smarter; it checks the throughput of different Wi-Fi connections rather than just the signal strength and will automatically connect you to the one that gives you better bandwidth rather than just the one that’s nearest.

In our tests, especially in Release Preview, Windows 8 is faster to get a Wi-Fi connection than Windows 7 and faster to switch to using Wi-Fi if you pull out your Ethernet cable (or the router fails).

If you have two network connections Windows 8 is far better at switching to using the faster connection even if it’s not the first one you connected to.

Windows 8 also comes with an Airplane Mode; like a phone, this turns off all the radios at once (handy on a plane or for saving battery, although it only works if you have the right drivers – in Airplane Mode a Bluetooth keyboard still worked on our test Samsung Series 7 tablet that we upgraded to Release Preview).

Given the cost of both Wi-Fi in business hotels and mobile roaming, the Wi-Fi Direct support in Windows 8 should be particularly welcome to business travellers, although it’s going to need specific software to make it work and there’s no sign of Microsoft building an app into Windows directly.

Wi-Fi Direct is a standard for letting your PC connect both to a wireless access point and to Wi-Fi enabled devices using a single Wi-Fi card; that lets your PC connect to the hotel Wi-Fi network and share that with your phone or tablet instead of you having to pay again for each device.

Mobile broadband in Windows 8 gets similar improvements; you connect far more quickly than in Windows 7 and setup is much simpler. Windows 8 builds in far more of the drivers needed for mobile broadband so you can get online straight away rather than having to spend 15 minutes installing large apps that make unhelpful configuration changes (T-Mobile once included mobile broadband compression software with 3G dongles that stopped Wi-Fi connections working).

You shouldn’t need to install any software at all to make most mobile broadband hardware work and the connection shows up in the Settings charm logo, alongside available Wi-Fi networks so you don’t have to run a separate application to get online.

That means the mobile operators can concentrate on making apps that show you how much data you’ve used and how much that’s costing (as well as adding features to give you an address book on the SIM, use the phone network to get your GPS location more quickly or give you access to their Wi-Fi hotspot service without needing to type in an extra password). You can see how much of your data allowance you’ve used and check the App History tab in Task Manager so see which apps have used the most data bandwidth to help make your mobile data allowance last longer.

Mobile broadband connections are automatically marked as metered connections; if you use your phone or a mobile hotspot you can mark those as metered as wellMobile broadband connections are automatically marked as metered connections; if you use your phone or a mobile hotspot you can mark those as metered as well

To help reduce your data usage Windows 8 allows you to limit the mobile broadband connection on a user-basis. Unlike a Wi-Fi connection, not everything on your PC can use your mobile broadband connection, regardless of it’s built into the PC or plugged in as a dongle. For example If you use a mobile hotspot like a MiFi, it can tell Windows 8 it’s a metered mobile connection. This can either be done automatically, which requires the manufacturer to set that up or you can mark any connection as metered yourself just by right-clicking on it.

Metered connections really come in to their own when you use your phone to get your notebook online when you travel. By selecting the right preferences you can download email and send files using your phone’s connection without worrying that Windows Update or Defender will start a download and give you a huge bill. By default, device drivers won’t download and account settings won’t sync on metered connections, but you can change those options from PC Settings.

Choose whether to download drivers for new devices on an expensive mobile broadband connectionChoose whether to download drivers for new devices on an expensive mobile broadband connection

You can choose whether to sync changes on any connection or wait for one that doesn’t cost as much as 3GYou can choose whether to sync changes on any connection or wait for one that doesn’t cost as much as 3G

Whether you’re a small business owner paying for mobile broadband to keep key workers connected while they travel or an employee who has to convince the boss to let you put the cost of connecting on expenses, knowing that you have more control over your mobile broadband bill is a big help.

Windows XP Mode in Windows 7 was a good stopgap for running older applications that even the various compatibility modes couldn’t fix, but it was only ever a stopgap.

Windows 8 gets the full Hyper-V hypervisor from Windows Server, which is much more powerful (as long as you have a 64-bit CPU with Second Level Address Translation, SLAT, which most recent processors like Core i3, i5, i7 and AMD’s Barcelona do). Not only can you run Windows XP if you need to (and Microsoft includes preconfigured virtual machines (VMs) containing old versions of Internet Explorer that are ready to load in Hyper-V), you can also run Windows Server or many other operating systems – 32-bit or 64-bit versions).

This isn’t just a basic VM player; you get the full features of Hyper-V, so you can take snapshots of running virtual machines, experiment with settings and then go back in time. Live Storage Move lets you switch the storage a VM is using – from your PC to a USB stick, or to a file share – without having to stop the VM first.

Additionally if you’re working on something in a VM and you want to take it out of the office to run on a different PC, just copy it onto a USB stick, pause it and restart it on the new machine. And unlike Windows Server, you can still hibernate or sleep a PC running Hyper-V (the virtual machines are automatically suspended and resumed when the PC wakes). Not every business will need Hyper-V but if you do, it gives you a huge amount of flexibility.

Windows 8 has some significant security improvements, and they’re not only about limiting what Metro applications can do to the PC. PCs that come with Windows 8 installed will have UEFI, the newer BIOS replacement that stores a database of OS signatures; with the UEFI secure boot feature enabled you can only boot a signed OS. That includes more than just Windows 8, and if you want to boot an unsigned OS or an earlier version of Windows you can turn it off, but with secure boot unless an OS signing key is compromised, you won’t have to worry about root-kits and other malware that tampers with Windows before it starts up.

Most anti-virus software will now start as part of the boot process – before any malware can run and turn it off; there are pre-production versions of all the major anti-virus tools that support this Early Load Anti-Malware option and the good news is that in our tests this didn’t slow boot times.

Protecting your anti-virus software means that malware will shift to attacking other software. If the PC has a Trusted Platform Module (TPM) chip – and far more PCs will come with a TPM, including Windows RT systems – you can use measured boot as well, which records the details of all the software you start up automatically – including your anti-virus software – and stores that securely in the TPM. That way if anything changes, including malware tampering with your anti-virus software, you’ll know about it.
SmartScreen moves from Internet Explorer to Windows

Windows Defender works with Early Launch Anti Malware (ELAM), it’s built in to Windows 8 and it’s a good enough anti-virus package that it may well save you money by being all the security software you need, especially combined with SmartScreen.

This SmartScreen reputation service for executable files from IE9 is now built into Windows, so it works with programs that you load from a USB stick or DVD or download through other browsers. If it’s the real version of Adobe Acrobat or WinZip it will download and install without any irritating warnings; if it’s a fake, SmartScreen will spot that it’s a file it’s never seen before and warn you. You can still install the software if it’s an obscure but legitimate program, but the warning will help protect you from viruses that are so new your anti-virus software doesn’t know about them yet.

If you do get a virus, Windows 8 improves on the techniques Microsoft has been adding since Windows XP SP2 to make it harder to attack Windows itself, by putting code and data into different places every time it loads and adding integrity checks to more key parts of Windows including the kernel and the memory heap.

Encrypting disks with BitLocker so the data is safe even if a PC is lost or stolen is much faster with Windows 8 because you can tell it to only encrypt the disk space that has data in (if you’re re-using a PC, use a tool to erase it securely first).

If you have one of the new generation of hardware-encrypted disks, the encryption on these is now good enough for BitLocker to use, so encrypting these disks disk is almost instant.

Windows 8 fixes some other irritations in BitLocker; you no longer have to be an admin user to change the BitLocker password or PIN. Recovery keys are automatically saved onto your server (or SkyDrive). Lastly, if you have a Windows Server 2012 network you can set BitLocker-protected PCs to boot without needing a PIN, so people only need to type in the PIN if they’re connecting from somewhere less secure than the office.

These improvements make BitLocker an excellent solution for protecting confidential data on business PCs without being so irritating it slows you down.

BitLocker is easier to work with, so you’re more likely to use it.BitLocker is easier to work with, so you’re more likely to use it.

Encrypt only the disk space you’re using and BitLocker encrypts disks much fasterEncrypt only the disk space you’re using and BitLocker encrypts disks much faster

There’s one Windows 8 feature that will be particularly useful to small businesses – the ability to boot Windows 8 from a USB stick.

Windows To Go lets you put a Windows 8 image on a removable USB 3 stick that users can boot from on any PC and get their Windows 8 account, applications and files. That makes it far less painful to share a PC, or to get work done when you’re away from your usual computer – because you have it with you.

Disappointingly, perhaps because Microsoft thinks only large companies will want to take the time to set it up, Windows To Go is currently restricted to the Windows Enterprise version, so you can only get it if you buy a Software Assurance licence for Windows 8.

However the licence is available for as few as five licences and is worth considering even for a small business because it comes with other new Windows 8 features like DirectAccess, BranchCache and AppLocker (which are all improved in Windows 8), as well as ‘companion device’ rights that let each user access their work PC remotely on up to four personal devices.

VPN replacement DirectAccess and BranchCache (peer-to-peer caching to speed up file downloads in a branch office) do make most sense for larger businesses, because you have to set up Windows Server 2012 systems to take advantage of them.

Like AppLocker’s whitelists of file and applications people are allowed to access, they’re most useful when you want to be managing users’ PCs more actively than many small businesses need to. But setting up DirectAccess is far simpler than it used to be and it gives users seamless remote access to file shares as well as allowing an admin to send updates to their PCs without waiting for them to log into a VPN. If you find VPNs unreliable and unpopular, DirectAccess is an excellent solution that makes people who travel a lot more productive.

You can’t search inside desktop apps from Explorer any more, but you can search multiple apps and mail in MetroYou can’t search inside desktop apps from Explorer any more, but you can search multiple apps and mail in Metro

You can search inside multiple apps in the same place, and pick which to show on the listYou can search inside multiple apps in the same place, and pick which to show on the list

Don’t be distracted by the arguments about the Windows 8 interface or the fact that when you put your mouse in the bottom left corner you’re clicking on a pop-up button labelled Start rather than a round button that’s always there. Yes, things are different. If you’re one of the few people that use the Start menu to search files and email at the same time, you can still do that in Windows 8 – but only with Metro apps.

Otherwise, business features in Windows 8 are either the same as in Windows 7 or improved. Whether you check out Release Preview now, wait till the final version in July or wait till you get a PC that comes with Windows 8, this is a solid OS for business users. You might not pay extra for the features if you’re happy with Windows 7 now, but you’ll appreciate them when you get them.