Shostack + Friends Blog Archive


Vista Didn't Fail Because of Security

Bruce Schneier points in his blog to an article in The Telegraph in which Steve Ballmer blames the failure of Vista on security. Every security person around should clear their throat loudly. Security is not what made Vista unpalatable.

Many people liked Vista. My tech reporter friends not only adored it, but flat couldn’t understand why people didn’t adore it. I have a number of other friends who adored it. In assessing Vista, this is important to keep in mind. Despite its bad rep, many people liked it. So why did many people not like it?

First, there were the gamers. Before Vista came out, Microsoft did a lot of marketing of Vista to gamers. There were kiosks at gaming conventions and other places touting Vista as a gaming platform.

Unfortunately, it wasn’t. Reliable tests at the time said that Vista ran games about 20% slower than XP. Compounding this, video drivers were among the drivers that were dodgy when it first came out. Many gamers felt that they had been sold a pig in a poke, and there was merit to this claim. Hardcore gamers are people who will spend money on bleeding-edge kit, and it was precisely this bleeding-edge kit that didn’t work well at first. And whatever it was that made games run slower (even if it was security features), that’s not the point. Microsoft’s statement to the gamers was that their gaming experience would be better on Vista, and it was worse. Once the 4chan crowd starts making memes about suckage, you’re behind the eight-ball.

Second, there were the cheapies. Many machines were marked as Vista-capable that either weren’t, or could only run the basics of Vista and not the fancy new stuff. There is an aphorism that Intel giveth and Microsoft taketh away. The problem is that most of the PC makers will try to sell you the cheapest possible computer, and these cheapest possible computers just didn’t have enough oomph to do Aero and the cool features in Vista. Microsoft took more than Intel gave and the customers felt they’d been sold a pig in a poke. There were even lawsuits over this, and it added to Vista’s bad rep.

Third, there were the people on laptops. For whatever reasons, when Vista first came out, it was slow on laptops. One of my co-workers bought a ThinkPad to run Vista on for testing alongside her existing XP laptop, and it was much slower than the XP laptop running side-by-side.

I will add another personal anecdote. My brother-in-law bought my sister a brand-new Vista laptop. It ran slower than his older XP laptop. It was so bad that he would turn the screen of his XP laptop away so that she wouldn’t see him running XP and mentally compare it to her new laptop.

On the other hand, to repeat, the people who had high-end machines but not bleeding-edge machines adored Vista. If you had lots of memory, a not-quite-bleeding-edge video card, and a fast processor, Vista was great from the get-go.

However, this was not the buying trend of most PC makers. Their trend was to push people to ever-cheaper machines. Sadly, at the time Vista came out, all but the most expensive laptops were also dodgy for Vista in all its glory.

This is a matter of zigging when you should have zagged, for the most part. But there were two other trends that caught Microsoft by surprise.

The first trend was virtualization. Vista was virtualization-surly. One of its cool features that’s great if you’re on a high-end computer is that it did a lot of pre-caching and pre-loading. Most people with lots of memory on a computer just don’t use that memory, and Vista had ways to use it to make the experience snappier. If you’re on a VM, this is precisely what you don’t want. In an ironically saving grace, though, Vista had a virtualization-surly license, as well. Only the most expensive Vista package was licensed for VMs, which was just as well given that it was optimized for big tower computers in a way that it was pessimized for VMs.

The second trend was netbooks. Intel gave not in the form of faster CPUs, but lighter, smaller, cheaper, less power-hungry CPUs in the Atom. The Atom, however, didn’t have the oomph for Vista, and this meant it had to run XP, which further tarnished Vista’s rep.

All of this together (bad performance among gamers, bad performance on cheap computers and laptops, combined with the trends towards virtualization and netbooks) was what gave Vista a bad rep. The people who bought a computer that was a high-end desktop but not a gaming machine loved Vista (and love it to this day). Unfortunately, this demographic is precisely the demographic that also tends to buy Macs. Vista’s problems were all from zigging when you should have zagged.

Some of Vista’s problems can be laid at the feet of “security” (which I intentionally put in scare quotes). UAC was rightly ridiculed for excessive dialogs, but is that a security failure or a UI failure? Yes, kernel improvements delayed getting drivers out (which is one of the things that made the gaming experience suboptimal) and caused some other bumps. But those were compounded by marketing that ran opposite to reality. If the Vista marketing had said, “Hey, it’s going to be a bit slow, and there will be some rough edges. But you’ll really like how we’re sticking it to virus writers,” then there may have been a different perception. It is also not fair to blame counter-factual marketing on security.

The bottom line is this. Vista was great for some people. It was bad for others. But the marketing said it was going to be great for everyone. Good marketing that took Vista’s plusses and minuses as facts could have made things better. It was bad timing that Vista came out when the prevailing trend of ever-faster computers everywhere started to change. Facing that could have made the difference.

None of that has anything to do with security.

5 comments on "Vista Didn't Fail Because of Security"

  • Blake says:

    Years ago, I was in a CISO-only forum in Redmond and we got an early preview of Vista. The Borg were very jazzed about it and asked us what we thought. We all looked at each other for a minute then one brave soul said, “Look, I’m sure this is wonderful and it looks really good, but nothing in here is going to help my company sell more [widgets]. So, you know, we’ll upgrade when you put a gun to our head and pull the trigger.”

  • Dan Weber says:

    I only used Vista recently when I purchased a new laptop. It seems totally fine. (I’ve never ever upgraded an OS. I upgrade when the computer dies and I replace it.)
    I did make sure to get lots of RAM and dual-core, but in 2009 you can get that for about $600, even in laptop form.
    Is this the same Vista as from before or has it been improved? UAC doesn’t bug me that much — the only thing I didn’t like was when I couldn’t do an “ipconfig /renew” from the command line, and it didn’t recognize “sudo”. :>
    I’m also not a hard-core gamer.

  • David Brodbeck says:

    I really think most of the bad rap on Vista came from the lack of third-party driver support. Most people don’t upgrade an old machine to a new OS, but tech columnists do. And when a tech columnist upgrades from XP to Vista and his/her printer stops working, you get a bad review. I don’t know if this was the third-party OEMs being lazy, or if Microsoft didn’t give them enough support, but it was a real problem. (I think they’re courting the same kind of issue with Windows 7’s lack of an upgrade path from XP. It may avoid a lot of potential installer issues, but it’s going to get mentioned in every review.)
    Of course, it could be Microsoft’s strategy is to release one crummy OS that everyone will hate, followed by an OK one that then seems awesome by comparison. This would explain both Windows ME and Vista. 😉

  • What really killed Vista was that in the enterprise space the path from XP to Vista was hardly straightforward or cheap. Most if not all patch management platforms, NAC and enterprise SSO that were designed to work with 2K and XP choked on Vista (at least in the beginning). Vista correctly plugged some holes that, unfortunately, were enabling features for many of these systems (e.g. remote registry and MSRPC remote control). So for many enterprises, the addition of Vista into their networks would have broken their endpoint management systems. So Vista really wasn’t an option. I suspect that hurt Vista sales a whole lot more than memes about suckage on 4chan.

  • PHB says:

    I have run Vista from the start on my Voodoo Omen. Never had any problems at all. The machine runs like a bat out of hell with a 30″ display.
    There are a couple of points that are lame. nVidia’s device driver is certainly lame. The video cards have a total of 1.5Gb of RAM and they take a 1.5Gb hole out of the 4Gb of memory. Totally unnecessary, totally lame. And nVidia’s RAID support is utterly lame as well. But that is not Microsoft.
    The main thing that is lame though is the stupid price Microsoft is asking for an upgrade. I have already paid the premium price for Vista Ultimate. I should pay no more to upgrade Vista Ultimate to W7 ultimate than it costs to upgrade Vista Home to W7 home. There is no way I would pay $300 for the upgrade and I spend several thousand dollars a year on software (I have full copies of Adobe Photoshop Premiere and Photoshop and a copy of Solidworks). If I won’t pay those prices then I doubt many others will.
    A lot of resistance to Vista in the enterprise came from lazy sysadmins who saw the blather on Slashdot and saw an opportunity to avoid the work involved in an upgrade. And most of the blather on Slashdot was Linux fanboys speaking of stuff they don’t know anything of.
