A Blog Helps Microsoft Get a Key Win 7 Feature Right
Posted by: Stephen Wildstrom on February 06, 2009
It’s fascinating to watch how the use of corporate blogs, when used for dialog rather than propaganda, can change the way business decisions are made, generally for the better. A good case in point is how Microsoft finally decided to fix a bone-headed design decision in Windows 7. The significance goes well beyond the technical issues involved.
One of the more important changes in Windows 7 is to give users is to give users more control over Vista’s endlessly annoying User Account Control (UAC) security feature. About a week ago, security researcher Long Zheng reported a problem: A malicious program could stealthily alter the UAC settings so that a user would not be notified of even the most dangerous system changes or program installations.
Microsoft initially reacted to the reports by arguing, rather unconvincingly, that this behavior was actually a feature and that they had no intention of changing it. In a long post on the Windows 7 Engineering blog yesterday, Microsoft Senior Vice-President Jon DeVaan why this seemingly nasty risk really wasn't much of a risk at all because Windows 7 was so good at keeping malware off the computer in the first place. Therefore, there was no need to notify a user if a program attempted to change the UAC setting.
The post drew a lot of incredulous comments. And Microsoft, to its credit, reacted quickly. In a followup post late last night, DeVaan and Windows development chief Steven Sinofsky cited the comments at some length and conceded that the critics had a good point. The security of UAC would be raised and, in particular, users would always be notified if a program attempted to change the settings.
The result will be a better Windows 7. But how the process worked is as interesting as the result. The Windows 7 Engineering blog has been a serious effort by Microsoft to explain the rationale behind key design decisions. Posts are very detailed and often a bit of a slog, especially to a non-engineer like myself. But the result is a serious dialog between Microsoft engineers and outside developers and analysts. (I don't know how heavily Microsoft filters the comments that get posted, but what appears on the blog is free of the ranting that pollutes so many blog comment threads.) This is the way things should work.