Wednesday, April 19, 2006

Vista, Vista, Vista :-(

Paul Thurrott loves Microsoft. He runs the truly awesome SuperSite for Windows, which I read from time to time.

Today, I came across his review of the latest test builds of Windows Vista. Paul is clued, and if he's biased in any way, it'd be towards Microsoft. When Paul says great things about Microsoft products (including Vista), his reviews get floated around by Microsoft executives themselves.

So, it was a bummer to read his thoughts on the latest test builds of Vista.

What really piqued my interest was the section on User Account Protection. This morning, I echoed the same sentiments to my officemate, rather loudly, in fact loudly enough to catch a friend's attention who was walking down the hall nearby. I would repeat my exact words here, but would rather not be quoted out of context as "even Microsoft employees think UAP's a <explative> <explative> <explative>".

I don't want to be a "no bird", but I do want to be self-critical. Before Clippy shipped, how many Microsoft employees stood up and said "HEY! THIS IS GOING TO ANNOY USERS! THIS IS A REALLY REALLY BAD IMPLEMENTATION!"?

So don't get me wrong. I totally buy into the vision of UAP. But the execution in the latest builds is totally jank. Clicking on Windows Update disables the entire Windows UI and brings up a popup asking if Windows Update can run. Deleting a shortcut off the desktop does the same thing. How long will it be before users just turn the feature off like Clippy, or they just always click "Yes" like in IE? And what happens in corporate environments where IT departments force this feature on users? Users become less productive, more agitated, and Microsoft-averse.

In an attempt to be constructive here, I'd first concede that there's no silver bullet solution here yielding both security and usability. But in this case, I think the balance is tilted so far on the security side that Windows becomes unusable to the extent that users will disable the security feature altogether, and then where does that leave us? So my suggestion would be to ease up a bit. If a user explicitly takes action (i.e. drags a shortcut into the recycling bin), suppress the confirmation dialog (and don't make it so modal!). If I do a similar action twice in a row within a short time period, don't prompt me each time. Don't prompt me for common operations performed by signed software that ships with Windows (i.e. Windows Firewall).

IDEA: Do a study on some average users living with Vista (we have these users and studies set up already). Gather data on when they click Allow/Deny. Put some harmless malware-simulation software on their systems that finds creative ways to perform operations (i.e. after a user clicks something that performs a file op, the malware performs a "bad" op of its own, etc). See if the users click Allow for their own operations, and Deny for the malware operations.

(I'd also like to see their stress levels monitored, and a measure of their focus on a task they're trying to perform when these dialogs repeatedly pop up, but that is neither here nor there.)

Anyway, there's lots of room for improvement here. I hope it happens before Vista ships. I expect Microsoft customers to LOVE Vista as much as Apple customers LOVE OS X. If not, then we failed.

As with every other success and failure.. time will tell.


josh said...

"The company itself has turned into that thing it most hated (read: IBM), an endlessly complex hierarchy of semi-autonomous middle managers and vice presidents of various levels and titles, many of whom can't seem to make even the smallest of decisions."

Weren't we just talking the other day about how MS has an insane number of managers (in my opinion)? It would seem he agrees with me!

adamjh said...

Probably varies by group. Mine doesn't seem to suffer from management bloat, but I'm not surprised if some do.

Graham said...

It's a big problem. There are some problems that beta testing will resolve, in that they are annoying or clumsy but it's possible for the beta testers to comment constructively, to see how it could be fixed. With User Account Protection it's so bad that the only thing to do is switch it off. Once it's off there will be no beta feedback, so it's hard to see how it will improve. In the meantime it's a distraction, there are other problems with Vista that could be fixed but probably won't get the attention they deserve - navigation for example. How do you find just navigating around the file system?

adamjh said...

I actually enjoy the new explorer navigation and look/feel. Out of curiosity, what don't you like about it?