Inside Windows 8: What You Need To Know
Redmond doubles down on its emerging client OS, which promises to support legacy and "Metro style" applications on two different hardware platforms.
Related Articles from Redmondmag.com:
At its BUILD conference in September, Microsoft released the Developer Preview version of the "Windows 8" client OS. While a lot was said at BUILD, the information often came piecemeal. Here, we're pulling together the major nuggets about Windows 8 that we've mined along the way.
Microsoft CEO Steve Ballmer early on said that Windows 8 will be Microsoft's "biggest bet," and Microsoft showed some of its cards at BUILD. The architecture of Windows 8 offers greater options for developers to create applications that may be more easily ported across hardware platforms, especially with the shift toward HTML5-coded apps. That approach may help shore up Microsoft's eroding Windows PC market, which is being hit by an increasing global preference for mobile devices with greater computing power.
This milieu may explain why Windows 8 arrived at BUILD with a split personality of sorts (see Figure 1).
[Click on image for larger view.]
|Figure 1. The Windows 8 platform, as depicted by Microsoft.|
Microsoft's schematic shows support for two types of applications: the new "Metro style" apps and classic "Desktop" apps.
This dual approach taken by Microsoft may offer developers a greater stake in continuing to churn out apps for Windows.
Windows 8 will also support ARM hardware architectures, which will open up new device form factors for the Microsoft flagship desktop OS. IT professionals likely will have to wait and see if their favorite line-of-business (LOB) apps will be ported to the ARM platform (see "Windows 8 Applications: Sorting Out the Confusion," p. 24). Because of that uncertainty, x86 machines will likely stick around for years to come on the corporate desktop, and workers might not be so untethered on ARM-based devices if they lack access to important productivity apps.
Windows 8 could see release as early as April 2012, or could come out as late as sometime in 2013. Michael Cherry, an analyst with the Directions on Microsoft consultancy, expects a later arrival, based on the many Windows 8 changes that Microsoft will have to test.
Security in Windows 8
Microsoft has built a number of security elements into Windows 8, with some being familiar and others new. The highlights include protections at the boot level, a revamped Windows Defender, reputation-list filtering and threat-mitigation improvements.
First of all, Microsoft is shifting to support the Unified Extensible Firmware Interface (UEFI) standard for firmware, as well as BIOS, with Windows 8. While BIOS will be supported, it's considered more in the legacy realm, at least according to Microsoft's descriptions at BUILD. The use of UEFI offers an opportunity for
Microsoft to ward off rootkits and "bootkits," which hide malware from users because anti-malware programs often don't check the firmware. Such checks will happen at the preboot level, as Microsoft will enable third-party anti-malware vendors to perform checks before the system boots. ARM devices currently use the UEFI standard, but such early boot protection is not afforded on most BIOS-based PCs today.
The main security advantage of UEFI is its "secure boot" process that checks loader certificates before booting the OS. These certificates must be signed by a Certificate Authority (CA) in Windows 8. On top of that precaution, the OS and firmware can share information about trusted and untrusted certificates, and Windows Update is leveraged to enforce blacklists on illegitimate certificates. Microsoft will require secure boot as part of its requirements for UEFI firmware vendors working with Windows 8 systems, according to Arie van der Hoeven, a Microsoft principal lead program manager.
This secure boot process isn't Microsoft's invention, but is part of the UEFI 2.3.1 spec, where its use is optional. PC users can turn off secure boot via an option setting in the Developer Preview, but Microsoft doesn't recommend it. People might want to turn off secure boot to enable a dual-boot setup with Windows 8 and another OS (Linux or Windows 7, for instance), but they sacrifice this boot-level security protection by doing so.
UEFI will enable native encryption on hard drives, and that encryption will work with the Microsoft BitLocker security solution, van der Hoeven said at the BUILD conference. This integration will fix a current remote boot issue with BitLocker on Windows 7, which requires IT professionals to be available at the desktop with a PIN code. Instead, with Windows 8, PIN codes can be stored in a remote server. If a user is connected to that server, automatic remote boots of BitLocker-enabled systems will be possible.
Microsoft has returned its Windows Defender to Windows 8 for those without third-party anti-malware protection.
Microsoft claims that the revamped Windows Defender in Windows 8 provides real-time protection against a variety of malware, including rootkits, via regularly delivered signatures. Microsoft also says that Windows Defender will target adware, spyware and other unwanted software.
Windows 8 will include a new "application reputation" feature to warn users of untrusted software. Application reputation is part of Microsoft's SmartScreen URL reputation filtering that was first seen in Internet Explorer 8. The Windows 8 SmartScreen filtering in Internet Explorer 10 only notifies users about a potential security problem when no reputation has been established with the URL.
Windows 8 Features
The next Microsoft OS introduces the most radical new approach to Windows in the platform's history, perhaps with the exception of the move from MS-DOS to Windows.
It redefines the way client-side software is developed and used. Here's a list of 15 key new capabilities in Windows 8 based on the Developer Preview.
Metro: Windows 8 will come in two modes, Desktop and Metro. While the former is intended for traditional PCs using the familiar Windows 7 desktop metaphor, Metro brings an entirely new immersive and full-screen UI to Windows. In addition to introducing a new UI that's touch-based for a new class of devices such as tablets, Metro ushers in a new model of how apps are developed and consumed.
Tiles: The new UI components that are both rectangular and square represent the evolution of traditional icons. Tiles made their debut in Windows Phone 7. The Live Tiles in Windows 8 will display feeds associated with apps, such as e-mail notifications and stock quotes.
Charms: Microsoft's term for icons that launch key Windows 8 functions in Metro. There are five charms in Window 8: Devices, Settings, Search, Share and Start. The charms appear when a user swipes the right side of the screen.
Contracts: A mechanism in Windows 8 that lets apps communicate with one another in the Metro environment, even if the apps were built independently. Among the contracts built into the OS are Search and Share.
Task Manager: Upgraded for the first time in 20 years, Task Manager will allow users to monitor CPU performance and control start-up apps. It has the ability to track how resources are being used in a cleaner interface. It also tracks network bandwidth and lets users monitor the impact of Live Tiles on bandwidth.
Picture Password: An alternative to using an alphanumeric password, a user can log in to Windows 8 by selecting a photo and touching or swiping the screen with a specific series of gestures.
Hyper-V Client: The Microsoft Hyper-V hypervisor is currently available on Windows Server 2008 and Windows Server 2008 R2. With Windows 8, Microsoft's virtualization platform is part of the client OS, replacing Virtual PC for desktop virtualization. The new Hyper-V integration into the client OS will allow users to run 32-bit and 64-bit virtual machines (VMs) on top of Windows 8. It will allow developers to work with multiple environments, while IT pros will be able to leverage desktop virtualization for different test configurations. One important caveat is that the Hyper-V client is limited to running on 64-bit hardware.
Windows To Go: Windows To Go is not yet available, but it will provide another way for IT departments to support mobile workers. It provides users with an imaged version of Windows 8 that reflects the enterprise desktop. The image resides on a USB-based memory stick. Users can plug the memory stick into an unmanaged PC and get access to the full managed-enterprise desktop environment. It allows Windows Update patching, BitLocker support and anti-malware protection.
Performance: Steven Sinofsky, president of the Microsoft Windows and Windows Live Division, demonstrated the Windows 8 Developer Preview using 281MB of RAM and using three fewer processes than Windows 7 SP1, which consumed 404MB of RAM and 32 processes. The benchmark was displayed on Sinofsky's 3-year-old Lenovo netbook configured with 1MB of RAM and an Intel Atom processor.
Syncing with Windows Live ID: Users will be able to sign in to their Windows 8 computers using a Windows Live ID, which will save Windows settings with the user account.
Application and last-used state settings will then persist across other devices running Windows 8. Any changes to those settings are kept in sync via the Microsoft cloud. Users have control over what gets synced in terms of personalization, themes, language preferences and a few other options.
"Refresh" and "Restore": Refresh is an option that will allow users to reinstall Windows 8 without having to wipe out applications, files, data and personalization. Many will view this as a preferable option to performing a clean install. For those wanting or needing to reset their systems to the original factory settings, users can use a feature called Restore.
Secure Boot: A firmware validation procedure that operates in the boot path to ensure that only verified loaders will boot Windows 8. It helps to prevent malware from switching the boot loaders. Secure boot is part of the UEFI 2.3.1 spec; it's not a Microsoft-developed feature. However, Windows 8 will be active with secure boot in verifying the certificates used by boot loaders. This is a controversial feature because it might disallow other OSes such as Linux from booting on that machine when secure boot is turned on.
Internet Explorer 10: Described by Sinofsky as the most-used tool in Windows, the next version of the browser will be available both for Metro and Desktop editions. The Metro edition of
Internet Explorer 10 will be "plug-in free" and is optimized for HTML5. The Desktop edition and Metro running on Intel and AMD PCs will continue to support plug-ins and extensions.
Windows 8 Reaches for the Cloud
While Windows 8 promises to change how users create and consume data, it will also aim to make extensive use of the Microsoft portfolio of cloud services.
Windows 8 is intertwined with Windows Azure and Windows Live, the flagship Microsoft cloud offerings. Users will be able to log on to their Windows 8 devices using their Windows Live IDs in a single sign-on approach. Controls ranging from browser history, themes, e-mail accounts, and various other settings will be saved in the cloud and can be shared among a user's multiple PCs and phones. Saved Windows settings are propagated and synchronized through the cloud and associated with all of the user's Windows 8 PCs and devices.
At BUILD, Chris Jones, Microsoft corporate vice president for Windows Live, demonstrated a connected address book, which is a Metro app that lets users combine their contacts from various e-mail accounts and social networks such as Facebook and LinkedIn. Jones also demonstrated a photo app that uses Windows Live to share photos from other services such as Facebook and Flickr.
Windows 8 will leverage Microsoft SkyDrive, a cloud-based storage service that provides every Windows Live user with 25GB of storage capacity. Users can access files in SkyDrive just as they do in the local file system, Jones explained. Every Windows 8 device will have automatic access to SkyDrive.
Using the Live APIs for SkyDrive, developers can build their own cloud-connected Metro apps. The APIs allow Windows 8 developers to build in the capability of reading and retrieving files via SkyDrive.
Windows 8 will have strong ties to Windows Azure. Microsoft released its Windows Azure Toolkit for Windows 8, enabling developers to build cloud-based services for Metro apps.
The Windows Azure Toolkit for Windows 8 includes documentation, templates and code aimed at simplifying the development of Metro apps that take advantage of the compute and storage features of Windows Azure. It also enables developers to implement the Windows Push Notification Service into their apps.
Microsoft is encouraging developers to build new forms of client apps that are connected to Windows Azure. At BUILD, Microsoft demonstrated a sample application it calls Margie's Travel that allows individuals to access their itineraries from multiple Windows 8 machines using Windows Azure to integrate multiple back-end services. These services include Bing data, reports from the National Weather Service and data from different ticketing (hotel, airline and so on) agencies.
There are still many unknowns when it comes to Windows 8 and the cloud. Will developers build apps that leverage Windows Live and Windows Azure? How will the use of those services be priced? How well will these apps perform? And how will Windows 8 ultimately play with other vendors' cloud services? These and other variables may very well determine if Windows 8 succeeds as a cloud-connected OS.
More from Redmondmag.com: