Forcing updates

Microsoft gets a lot of bad press for security issues, but seriously, how are you supposed to deal with something like this?

For those of you too lazy to read the article, the summary is that a bunch of Windows users are getting hit with some malware that is spreading over the Internet. If you were wondering, I am NOT getting hit with said malware, because I patched my computer a month ago. In essence, Microsoft released a patch to a security flaw in October, a month before exploits were in the wild, and now unpatched users are (surprise surprise) facing problems.

Linux has a couple advantages in the security area over Microsoft. Sure, the code is open-source and peer-reviewed, so anything that is insecure is likely to be discovered pretty quickly. But Linux also doesn’t have something that Microsoft has: computers selling at Wal-Mart.

That shouldn’t be taken entirely literally: I know Linux is being sold (to a limited extent) on pre-built machines at Wal-Mart. But I guarantee you, if you walk into a Wal-Mart electronics department and ask for a novice computer, you’ll get a pre-assembled Dell with Windows Vista (probably Home Basic). There’s definitely a market for computers like this: people who don’t care about computers other than having one so they can check their e-mail and surf the web.

These people don’t know (or don’t care to know) about viruses, worms, malware and spyware. All they use is the stuff that comes out of the box (Internet Explorer comes to mind). They’re not circling the second Tuesday of every month as Patch Day, waiting for new security fixes and service packs.

So what is Microsoft to do? They’ve already tried pushing out updates that install automatically (to some backlash) but these can be canceled or aborted. The article linked above asks if it’s time to start forcing critical updates on users: I don’t think that’s the right idea, but it’s close.

How far are we away from a managed operating system? That is, not an operating system that lives on your computer, but one that lives in the cloud waiting for you to connect? Most houses these days have broadband access, and for people who just want to check their e-mail or surf the web, a managed operating system is just what they need. They don’t want to have to worry about updating or patching, they don’t want to have to worry about spyware infections (although to be fair, neither does the company that manages it – there would have to be some huge restrictions in place). They just want a computer that works, and works well enough so that they can do their stuff and not worry about it.

I think we’re close. And I think it’s a better solution than forcing updates.

Windows 7: A modular approach

I posted yesterday about how I installed Service Pack 1 for Windows Vista. I imagine that any of you reading this know that Windows Vista will eventually be retired, just as XP was before Vista and 2000 was before XP. The internal working name for the next version of Windows is Windows 7, which is set to be released sometime in 2010 (there was talk of 2009, but thankfully Microsoft looks like they’re going to delay it long enough to get it right).

Obviously, I’m not writing an encyclopedia here, so why am I writing this post? Because multiple sources are speculating that Windows 7 will be module-based. A module-based OS will be familiar to those of you that have used a fairly modern version of Linux like Ubuntu or Fedora, which uses something called “packages” to customize an installation and add software if needed. The idea is that this way, users get what they want and nothing that they don’t want, and can add features later.

Windows has actually had “modules” of some sort for some time, albeit not visible to the user. In Windows Server 2003, something called “roles” was introduced. Users could specify what roles a given server would fill, and then the proper software would be installed. Roles became a bigger part of Server 2008; when you install Server 2008 only the core stuff is installed and then you pick stuff to add.

But for the consumer versions of Windows, which obviously have to cater to the lesser users, the concept of modules and roles has been mostly avoided (except maybe the “Add/Remove Windows Components” dialog box). Evidently this is set to change in Windows 7.

Let me just say that if this is done right, a modular Windows 7 is a fantastic idea. Most of the complaints with Vista is that the operating system is too bloated, comes with too much bloatware and is too expensive. With a modular implementation, all of these problems could be erased.

Here’s what I envision: you log in to a Windows Live site, and click around until you get to a page that lets you purchase a copy of Windows 7. Here, you have a few options. You can choose from a few pre-set module configurations that are perhaps a tad discounted, or you can choose to customize your copy of Windows 7. Also, you’d be able to have the box/disc shipped to your house for an additional fee or simply download an ISO image.

Under customization, you’d be able to select which components you want, with only a minimal core of modules that are required (kernel, networking, a “module manager”, etc.). Some modules would cost money (perhaps like Windows Movie Maker or Windows Media Center), while others would be free but optional (like IE). Once you’re done making your selections, an automated validation bot would go through your selections and make sure everything looked okay, perhaps make recommendations, and then send your selections to a server that would generate the ISO you need. I imagine creating an ISO would take a bit of time (even if it was done dynamically), so you would be directed to an optional registration page, and then you’d be provided with a link to download the ISO and a key. At any time in the future, you’d be able to return to this Live website to make changes to that ISO (and pay the difference if needed), order copies of the CD (with the same key), and most importantly, see your validation key. Once you install the OS, the “module manager” available within Windows would keep track of which modules are installed and allow you to purchase more if needed.

Now where it would really get interesting is if Dell and HP built something into their websites to allow you to customize your Windows OEM installation from there, so that way if you didn’t want some of the bloatware Dell and HP provide, you could simply choose to leave it out.

So why is that better? Overall, everything could be cheaper: only pay for what you want! I think things could be easier too, even for the mere mortals, because instead of buying a copy of Office 2010 or whatever, we could simply package it with our Windows ISO for a lower price because it is in a bundle.

I hope this is how things work out for Windows 7, but hopefully this post has enlightened those of you in the dark as to how powerful a modular OS can be. To 2010!