Windows 7's Virtual XP Mode a Support Nightmare? 413
CWmike writes "Microsoft's decision to let Windows 7 users run Windows XP applications in a virtual machine may have been necessary to convince people to upgrade, but it could also create support nightmares, analysts said today. Gartner analyst Michael Silver outlines the downsides. 'You'll have to support two versions of Windows,' he said. 'Each needs to be secured, antivirused, firewalled and patched. If a company has 10,000 PCs, that's 20,000 instances of Windows.' The other big problem Silver foresees: Making sure the software they run is compatible with Windows 7. 'This is a great Band-Aid, but companies need to heal their applications,' Silver said. 'They'll be doing themselves a disservice if, because of XPM, they're not making sure that all their apps support Windows 7.'"
Won't this largely depend on how well it works? (Score:5, Interesting)
On the contrary... (Score:5, Interesting)
This could be very good for support people. Since Microsoft would have to keep supplying patches to XP, there will be no reason to even think about installing Windows 7. Thus allowing support people to the confidence of continued patches.
This is M$ we are talking about. (Score:2, Interesting)
Re:So what, if true (Score:3, Interesting)
Microsoft is really giving customers the worst of both worlds. Making only incremental improvements to their mainline OS's while creating a backwards compatible VM which is simply more cruft to throw on top of an ever expanding pile of backwards compatible cruft.
Better to float the "VM as compatibility" boat in the wild before relying on it?
I'm making crap up -- it's probably more MS missightedness -- but it would be a half decent reason. There's all sorts of stuff that can go wrong in the wild that would be next to impossible to foresee, so by limiting the places where it doesn't work to only programs that don't run on Win7 natively they limit the potential damage a little bit. (Of course, problems that surface are more likely to be on critical apps.)
Re:Pardon me... (Score:3, Interesting)
Classic is/was not an abstraction layer. When you start classic, you can open a window where you watch Mac OS 9 boot, just like Virtual PC. After it finishes loading, the window disappears and Classic apps are displayed on the desktop, same as any other. An old enough Macintosh can boot from the System Folder used for Classic.
You may be thinking of the Carbon API, which was available under 9 and X. There is no translation involved; Carbon applications are native in both 9 and X.
Rosetta is a binary translation layer, like you said. Apple did the same thing when moving from Motorola 68k CPUs to PowerPC.
Re:Pardon me... (Score:5, Interesting)
Actually, Windows has a way of kicking you in the balls. How would running XP in a virtual machine be any different from the usual windows experience?
I think this is the smartest move Microsoft has done in a long time. They need to relegate the backwards compatibility to a virtual machine, and make the next Windows OS much leaner and secure.
I agree with the GP that Apple had little problems with this and their market is of sufficient size to assume that Microsoft would fare just as well.
Let me fix that for you: (Score:5, Interesting)
From TFA:
"Windows XP Mode is specifically designed to help small businesses move to Windows 7," Scott Woodgate, director of Windows enterprise and virtualization strategy, said in a blog entry last Friday.
Corrected:
"Windows XP Mode is specifically designed to help us move copies of Windows 7 proffessional and ultimate, as opposed to the cheaper home addition,"S cott Woodgate, director of Windows enterprise and virtualization strategy, meant in a blog entry last Friday.
Drivers? (Score:5, Interesting)
How would running XP in a virtual machine be any different from the usual windows experience?
It depends on whether Windows 7 can pass-through USB devices and PCI cards to Windows XP. Otherwise, people will try and fail to use hardware with XP drivers on the virtual XP. (Windows 7 uses Vista drivers.)
Re:On the contrary... (Score:5, Interesting)
> Since Microsoft would have to keep supplying patches to XP, there will be no reason
> to even think about installing Windows 7.
It gets even better. If they ship an XP compatibility layer in 7 it tells everyone that XP apps will be a supported option for the lifetime of Windows 7. And if XP is kept alive in this way, ya you are probably right that patches for XP itself will probably be continued for quite some time, especially since they are going to be selling newly licensed copies at least as late as this Xmas.
However it is the follow on effects of a promise that XP will be a viable platform to run applications in for at least the next 5-7 years. It makes XP the safe choice of API to write new code to. An XP compatible application will run on XP, Windows 7 and via CodeWeavers increasingly effective efforts (as the XP target has remainied basically stable for years) it means an XP application can run at native speed on Mac and Linux. And it doesn't take that much effort to write XP apps that will run on 7 anyway without needing the emulation layer so 7 compatible XP code is going to be a more universal binary than Java ever achieved in the real world.
If Microsoft isn't careful with this XP on 7 plan they could Warp themselves.
Re:Umm... (Score:4, Interesting)
Neither VPC, Virtual Server or Hyper-V support "running off of a directory tree in the host OS's file system"... instead the virtual hard drive(s) are packaged into nice and portable VHD files... and I'd be very surprised if VirtualBox, VMWare or any other VM software did.
External scanning would require the AV system to know how to crack a VHD (which isn't difficult at all)... though doing so when the VM is online might be tricky.
Re:Yes but ... (Score:5, Interesting)
As I was perusing the various security boards and newsletters I frequent, I started thinking of how amazingly large the array of people making their livings off of Windows' security deficiencies. It's huge.
There are a multitude of websites that might as well be devoted to Windows security issues. There are the people who constantly write AV signatures. People who collect malware in honeypots and distribute it to security researchers. People who have to write and test patches - both at Microsoft and at other software publishers. People who lecture on Windows security. People who do forensics on compromised machines. People who try to contain the damage when an organization's computers are compromised. People who have to notify the people who are affected by the compromises. People who have to untangle and try to block unauthorized bank charges and identity theft. Etc.
It's like the bump on the log at the bottom of the sea song. The chain just goes and goes and goes. At least it is employing people but you have to wonder what the total global expenditures are in dealing with the consequences of security issues in Microsoft Windows.
This isn't meant to be a troll. It's a legitimate concern and I wonder when people will finally say "enough".
crash and burn (Score:5, Interesting)
This kiosk had a good looking young man who was part of the product management group for WM 6.5 and very knowledgeable about the product. When I told him that I was a WM developer, he listened attentively as I explained my frustration in trying to program the WM6 smartphone camera to work. His smile faded as he explained that Microsoft had failed to thoroughly test the OEMs for WM5, WM6 and WM6.1. As a result, the DirectShow APIs for many phones were not fully/correctly implemented. He showed me a web page - http://studierstube.icg.tu-graz.ac.at/handheld_ar/camera_phones.php [tu-graz.ac.at] - that explained the problem phones. Then I asked, "will this be fixed in the coming 6.5 release?" He shook his head and replied, "no, not until WM7." I thanked him for his candor and moved onto Live Search.
At Live Search, a bright young man was touting the performance of their latest version and let me test it against Google, where it seemed to respond comparably. He talked about how his group was trying to get other parts of Microsoft to use their Live Search instead of their own, "an uphill battle." At that moment, another person walked up and asked a question, prompting him to pull out his iPhone. I reached out with my WM phone and joked, "wouldn't it be more politically correct to show this?" He responded, "oh, no. Most of my friends at work have iPhones. It's OK."
The problems documented by Daniel Wagner's web page (above) and unmentioned on microsoft.com or msdn.com cost us three months of development time. I should have suspected; mea culpa. Our application now runs on iPhone, and we are not looking back.
BTW, the Microsoft coffee table looks like a giant iPhone.
Re:This is M$ we are talking about. (Score:3, Interesting)
But you're going to have to deal with those people anyway. You might as well get the people who can help themselves out of the way so you have more time to explain what the "Any Key" is.
Re:Pardon me... (Score:4, Interesting)
That said, the latest offerings from virtul products tend to be very highly integrated. One would hope that MS could offer vscan integration to allow the parent OS to protect the virtual machine. I'm not saying that is the case now, but it seems possible since they are both on the same file system, both using the same hardware, memory, etc (given they are segmented from each other).
I still see this as a necessary step to avoid a lot of legacy baggage.
Re:Drivers? (Score:1, Interesting)
It really is all a deceitful act of marketing. It provides M$ with the opportunity of once again inflating the sales of the next OS and provides them the opportunity of killing support for the virtual machine at a moments notice with the claim, "but you are already running the new OS". They are locked into the idea of deploying full DRM as part of the windows OS and unless you pay the licence fees to access the OS you will not be able to sell software or hardware on it and naturally enough killing off open source software.
They are already playing up the security issue when you install any new M$ software on the older OS, "oh noes you are running XP you will die unless you to upgrade to vista". Really think about it, they want to charge you to upgrade to windows 7 so that you can run windows xp in a virtual machine, so that you end up paying for nothing, except of course more DRM and a slower OS (oh, and a few hundred millions dollars worth of PR=B$ advertising).
Already do it... (Score:3, Interesting)
I run Windows XP in a VMWare Workstation virtual machine. My laptop requires 64bit and runs (believe it or not) better with Vista 64bit than any other Windows OS.
However, there are some apps that refuse to run correctly in Vista. So it's a cake walk with VMWare to run XP.
For support - I don't see an issue. XP actually runs pretty damn good in a controlled virtual environment. You get away from all the wacky hardware drivers and shit that normally trips up XP. The problem I see is if/when Microsoft ends XP support for security updates.
Re:Microsoft, please read and listen! (Score:3, Interesting)
You could do something like using Linux off of PXE boot and have that host and automatically load a Windows XP session. This type of setup is used in places like kiosks where you have a hostile user environment and need the ability to easily restore XP as needed. This would present a single operating system to the user, avoid license issues, allow easy access from a troubleshooting standpoint and so on.
My issue with Microsoft is that they want you to run Windows 7 on a normal basis and then load a virtual XP on an as needed basis. This put enterprises in the business of supporting two platforms per PC and will significantly increase their support costs.
Forest, meet trees...MS, look and see them... (Score:2, Interesting)
XP has become a victim of its own success.
There are many people out there who are clinging to XP, and they don't want Vista, they don't want 7...they want Windows XP 4 EVAR! And there is nothing wrong with that. XP isn't broken, don't fix it.
Sure, Windows 7 might 'suck less' than Vista, but that's merely providing the remedy to the poison. Easier to use, simpler, less eye candy.
There's nothing wrong with providing virtualization, and perhaps if they slapped a better GUI and contributing with new features to VirtualBox that might be worth writing home about. (Specifically the braindead ISO image manager that's a PITA to use when all is needed is a combobox for previously saved images, adding an OSX compat layer, adding JIT app translation for emulated binaries, etc)
Microsoft needs figure out what works well and make it work even better, not try to give us something new.
Re:Smart move? (Score:2, Interesting)
I have never seen any software thats even close to what you mention above. Im a network admin working with AD and those traits arent even on the same planet as Windows server 2008/2003.
Policies are an ugly hack of distributing disturbingly ugly and crude register hacks onto remote computers. The amount of bugs are staggering.
Remote installation with msi packages sometimes make me wake up screaming in the night. Its hellish work and sometimes an app breaks when installing a new one.
Microsoft doesnt run any office version properly, period.
Active Directory, pray tell, have you ever used it or its 100 different management tools? Seen it grow out of proportion, watched it crash and then had an allnighter trying to get it understand that yes, the backup is from yesterday and yes, it really is older than the current database? AD sucks compared to any LDAP service in existance and it sucks so bad you have to have two copies running at all times. Not for failover but for normal use.
Anyone claiming Windows and AD is a good product hasnt worked with it ever except maybe selling it. That or its someone who has never used anything else.
The only "problem" with linux is that it doesnt run windows applications. Managing many linux computers on a large network is a piece of cake and not at all a problem that needs to be solved.
I don't agree (Score:1, Interesting)
Of course it depends on Microsoft's implementation of the whole thing. But if done correctly Windows XP will run in a nice environment that is protected by Windows 7.
In fact, Windows 7 could act as an Hypervisor to secure XP.
A hypervisor is great when it comes to security, because from its vantage point it can control the guest OS (antivirus, firewall, etc.) without risking to be compromised itself.
Re:Drivers? (Score:3, Interesting)
Running WinXP in a VM right now. The single noticeable issue with USB is my headset. Going to Youtube to watch a video give choppy audio. Otherwise, everything works great. USB flash drives, external hard drive, mouse and keyboard, as well as a USB device for flashing BIOS ROM's.
Plugging in a new USB device causes VirtualBox to pop up a window, asking if I want to attach the device to the host, or to the guest. That pop up needs a little streamlining, because right now, the host automatically mounts the USB device, leaving the pop up powerless to assign the device. However, I can, and do, u mount the device in the host, then use the tool bar in VirtualBox to mount the device within the VM. No problem, just an extra step.
Re:Yes but ... (Score:4, Interesting)
Linux and OSX both have and will have weaknesses. The tend to be more local exploits than remote, but they aren't perfect either. I know Apple has caught a lot of flack for being slow to fix weaknesses too - apparently generally slower than Microsoft or the Linux distro maintainers.
I know security is not easy. Security is a big part of my work. But I think that both Apple and Microsoft could do a better job about educating users regarding security. All too often I hear Windows and Mac users claiming they have never had an intrusion/virus. Particularly Mac users. Linux users, on the other hand, really do tend to be more computer literate and the distros now also tend to have everything turned off and ports need to be opened to use services. A default closed stance is a good one.
But the fact is that Microsoft is the target of the lion's share of exploits and attacks. It does get the criminals the most bang for the buck. But for whatever reason, a lot of Microsoft users don't update. I think it's a bad decision, but Microsoft now excludes pirate copy users from being able to get updates. That just guarantees a ready pool of systems to be used in botnets.
I think Apple and Microsoft both would benefit from including a multimedia presentation with their computers that covers the basics of computer security. They could explain the risks of various activities and also the best ways to combat computer crime. If people actually understood what the difference was between an administrator account and a user account, that in itself would go a long way to make it more difficult to compromise PCs.