Loading ...We took our first look at Microsoft’s inbility to create something genuinely useful and a minature review of Vista when we evaluated Windows Vista Backup at the beginning of the year. The premise of that article being that by evaluating a single program, and all the usability/functionality flaws it had, you got an impression of all of Vista without needing to review the rest of the operating system in depth (we did… and Visita Backup is a good summary of all those stupid changes).
Fast forward 9 months, and we have another thing to review in Vista that sums up Microsoft’s understanding of usability: the Windows Vista Device Driver Security Dialog.
NOTE: That is Vista, I just use the Windows Classic theme for performance… it’s 2x as fast as the Vista/Aero/Glass theme.
To give you some background, I was in the middle of installing the Garmin Training Center software for my new Garmin 305 GPS training watch. Here’s the steps that occured, all pretty standard:
- Pop in CD, Setup splash screen pops up
- Click “Install Training Center”
- Select an install dir, hit Finish
- Software installs, progress bar gets to 100%, then the installer seems to “hang”
This is where things get interesting and the intelligence that is the collective Microsoft management shows itself:
- I figure the installer is finalizing, so I click back to a chat Window I was working in and start typing, mid-sentence a Vista Device Driver Security dialog pops up (as seen above)
- The window immediately disappears because Microsoft, since the dawn of time, has always had the habit of setting default focus for windows on the least-destructive action… in this case it was the Don’t install this driver software button (You may also remember this maddeningly stupid design from IE, when a long download is done and it copies the download out of the tmp dir, if you are typing and hit Space, you will hit the newly focused “Cancel” button, destroying the operation. That’s still in Vista by the way. Mac fixed this problem like 6 years ago)
- I wait, and another security dialog comes up, this time I click “More details” because I have no idea what driver it’s trying to install. Have a look at that screenshot… that generic sentence at the bottom of the Window… that is the “more details”, you are not shown:
- The name of the driver
- The source or publisher of the driver
- Which process is trying to install the driver
- The path the driver is coming from
- Optional: What the driver does or is for
- Optional: Indication of what permissions are being requested (Install, Update, Delete)
- Because I failed the first driver, I didn’t want to end up with half an install, so I denied this driver and the next 2 prompts that came up with the intent of re-running the install.
- After the install was “done” I cancelled it and relaunched it.
It was at this point, after re-running the install and even removing then reinstalling that I realized I was never getting prompted for those drivers again. I couldn’t install them… Vista has saved my response to those drivers and that was it… I was done, now I cannot install these drivers.
NOTE: I don’t know if that is the actual logic implemented in Vista, but that is the behavior I saw.
To top this all off, after hitting “Finish” then “Close” on the Garmin software, I was prompted with the:
For these changes to take effect, you need to reboot your computer. Would you like to reboot now?
Naturally I clicked NO, and I kid you not, the next thing that happened was my open Windows (about 20) starts to systematically close, the Vista “these programs are currently hung” overlay came up, flashed off… then on… then off again, and more windows closed until finally my computer screen said “Shutting down”
… seriously? Did this just happen? Did Vista just allow an installer… a f*&@%ing installer to shut down my computer, closing everything I have open, loosing work that I was in the middle of?
Yep… it sure did. Brilliant, absolutely brilliant.
Keep in mind, I’ve actually had Vista shut down and restart my computer without prompting, I’ve also had an installer do that to me (How do installers have that permission and why is there a hook in Vista to blind-shut-down your computer?) and god knows that atleast once a month on a patch Tuesday, I’ll wake up to find out my computer has restarted itself, wiping out anything I was in the middle of.
Somehow every other OS vendor on the market gets around this problem, but not Microsoft.
These design choices are exactly why people are so amazed by Mac; because the machine doesn’t fight you. It’s not perfect, but it also doesn’t get in your way and eat up your time. Microsoft has taken a different approach with their software… your computer is theirs as long as you are running Windows, so you just better get used to it. It will do what they want it to do, and if it’s not busy, you can go ahead and use it.
I’m not being a Mac fanboy here… Ubuntu doesn’t even do this… Fedora Core either; it’s just Windows.
Loading ...
November 17th, 2008 at 12:54 pm
I have come to the conclusion that such sillyness from a Microsoft OS is actually by design. That way, some people will always buy the next MS OS hoping that some of these annoying things will be fixed. Who knows, it seems to be working for them so far… right?
November 17th, 2008 at 1:00 pm
tdod,
That honestly never crossed my mind before until you just typed that… I think you are on to something, because a lot of this retardation is some of the most-complained about bugs that they just refuse to fix. Before Mac came out and gave them a run for their money, I can only imagine what Vista was going to be… maybe just a reskinned Windows ME, who knows
November 17th, 2008 at 1:42 pm
I think you do not see the information for an unsigned driver is by design. Since the driver is unsigned, the information contained in the manifest is not verifiable and therefore untrusted. I could write “keystrokelogger.sys” and add “Microsoft Corp.” as the publisher, and when you went to install it, it would prompt that the unsigned driver was published by Microsoft. Do you trust Mom and Grandpa to understand the trustworthy a signed driver is vs. a unsigned driver? (no, the computer should “just work”)
You can see that MS changes information presented in the UAC elevation prompts — Mark Russinovich covered this feature at http://technet.microsoft.com/en-us/magazine/cc138019.aspx
Check out how the details that are displayed in the popup window are dependant on the signature type of executable (about 1/2 way down the page). I quote:
“The elevation dialog shows the image’s icon, description, and publisher for digitally signed images, but only a generic icon, the file name, and “Unidentified Publisher” for unsigned images. This makes it harder for malware to mimic the appearance of legitimate software.”
Hence why your unsigned driver dialog doesn’t trust the information passed to it.
Laurence
November 17th, 2008 at 1:55 pm
Laurence,
An awesome followup. From what you said it does sound like there is still an opportunity to display more information about the drive and *not* focus that “No don’t install” box immediately on fire up.
As far as Grandma/Grandpa understanding, I don’t expect them too, but I surely expect “More details” to display details… not just a cookie cutter sentence.
My point being that given all the security issues you raised (thanks for posting the ref) there are still about 9 better ways to display/inform and prompt users for action on this, and in true MS fashion, they’ve picked the least helpful. Even as an educated user (well, let’s say ‘competent’) I am given no choice to learn more about the driver.
I don’t think that’s helpful.
I imagine you would have felt a similar way if you were at home trying to figure out “Why am I getting this prompt?”, no?
November 17th, 2008 at 4:46 pm
Yeah, the dialog could be more helpful, but the issue is that when dealing with unsigned drivers/executables all bets are off.
.
When something goes outside the trust model, there is no safe way to trust it. About all you could show is the process information from the process that launched the driver install — but if the executable is unsigned, then you can’t trust the validity of that information as well — I could create a “WindowsSecurityUpdate.exe” by “Microsoft”
I’m more inclined to yell at the manufacturer for not signing the driver (as a side note, this driver WILL NOT INSTALL on X64 versions of Windows, as Vista X64 will not allow installation of unsigned drivers). That way you bypass the issue completely (scary dialog and all). When you become a bed-mate of Microsoft, you need to play by their rules (and pay your dues).
As much as the cancel default frustrates me as well (I’m a heavy keyboard user and have been nailed numerous times by the window-grabs-focus-and-cancel-is-default-and-gets-nailed-by-what-I’m-typing-to-another-window), having cancel as the default makes much more sense than OK. What if that was an “Application is trying to format your hard drive” prompt (ok pretty ridiculous, but it could have been a prompt for a disastrous system change)? I’d rather have to re-install an unsigned driver than have to recover from backup because I was typing into a chat window
.
Laurence