Within Windows

Last month, Microsoft released its hardware requirement documentation for Windows 8 logo certification. This documentation contains Microsoft’s guidelines for designing systems which successfully meet Windows performance, quality, and feature criteria, to assure the optimum Windows 8 computing experience. As you’ve probably noticed, the blogosphere is hung up on one of the Secure Boot on ARM requirements, thanks to a single misguided post about this issue, completely missing the far more interesting information peppered throughout the document.

Here’s some of the more interesting requirements.

5-point digitizers
Microsoft requires that Windows 8 touch PCs use digitizers supporting a minimum of 5 touch points. Yep, you no longer have to hunt down information to answer that question: “Hey, does this thing do multi-touch?”. This requirement ensures your Windows 8 certified PC supports at least a hand of fingers on the screen, for all those gestures and finger-painting activities.

“Hey Windows 8, this is HP TouchSmart… you win.” (Even the newest HP TouchSmart only works with two touch points.)

NFC “touch marks”
Microsoft requires that Windows 8 PCs featuring NFC technology have “touch marks”. This one is a no brainer – A PC, likely a tablet or slate, must have a sticker or similar signage indicating where another NFC capable device can mate with it. I bring this up because we’re not used to NFC being visible in this manner. Today, NFC is available in Google’s new Galaxy Nexus phone for the most part. To invoke it, you presumably start a supportive application and mash it onto a NFC reader, moving it around until it beeps. With a larger form factor, however, knowing where the sensor is physically located becomes crucial to avoid Neanderthal-like clashing of tablets.

Hardware buttons
Microsoft requires that Windows 8 tablet/convertible PCs have 5 hardware buttons. Not three; not six. Five. Those buttons are:

• Power
• Rotation lock
• Windows Key
• Volume up
• Volume down

The Windows Key will be at least 10.5 mm in diameter and be sported in any number of shapes (e.g. circular, rectangular, square).

New button combo for CTRL + ALT + DEL
Microsoft requires that Windows 8 PCs joined to a domain and without keyboards implement new Ctrl+Alt-Del sequence. While the on-screen keyboard remains an option for logging into a domain-joined PC, the quicker (and new) option is to press Windows Key + Power.

Minimum component set for tablets and convertible PCs
Microsoft requires that Windows 8 tablet/convertible PCs feature a minimum set of components. Requiring partners to install a baseline set of components isn’t new, but we can now begin to drool over what future Windows 8 tablets/convertible PCs will look like. Here’s what a bare minimum Windows 8 tablet would look like:

• Storage: At least 10gb free space after the out-of-box experience completes
• System firmware: UEFI
• Networking: WLAN and Bluetooth 4.0 + LE (low energy)
• Graphics: Direct3D 10 device w/ WDDM 1.2 driver
• Resolution: 1366×768
• Touch support: At least 5 touch points, must pass all tests
• Camera: 720p
• Ambient Light Sensor: 1-30k lux capable w/ dynamic range of 5-60K
• Magnetometer
• Accelerometer: 3 axes w/ data rates >= 50Hz
• Gyroscope
• USB 2.0: At least one controller and exposed port
• Speakers

No reboot driver upgrades
Microsoft requires that Windows 8 PCs support no-reboot upgrade of graphic card drivers. Finally. While Windows Vista has supported reboot-less upgrades of WDDM drivers, enforcing that requirement was hard with unified driver sets containing both XDDM and WDDM drivers mixed in. With XDDM drivers gone in Windows 8, however, enforcement is easy and should be welcomed by users and gaming enthusiasts with wide open arms.

2 second resume … but not for ARM
Microsoft doesn’t require that Windows 8 ARM PCs resume in two seconds or less … only Intel-compatible Windows 8 PCs have this requirement. And yes, the two seconds max for Standby (S3) to “resume complete” requirement was in place since Windows 7. But I suspect ARM doesn’t come with this requirement because of architecture implementation volatility or, more likely, that Microsoft simply doesn’t yet have enough data in this space. As ARM improves and matures as a Windows host, I suspect we’ll see this requirement pop up in a future release.

Windows 8 Build 8175 – Start screen Personalization applet (© The Verge)

Back in September, I dissected the new Start UI in Windows 8 and wrote that readers should expect a new personalization UI. Well, it’s official! The Verge, today, uploaded some photos of a newer Windows 8 build running at CES, with a shot of the new Personalize applet amongst them. As suspected, Microsoft is offering users the option of customizing the background color and image, with limited options. Before you balk at the idea of only having 9 colors and 8 parallax background images to choose from, think about usability.

I’m not a UI designer or usability guru but you don’t need to be one to picture the hell that would ensue if a user set their background color to a bright orange. (If you can’t, I provided an example above.) The tile, as you can see, immediately loses its depth (due to the background image being impossible to see) and becomes difficult to retrieve information from.

Limitations have been imposed on the background image as well, for similar reasons. While my example isn’t great, you can kinda picture the problem. The left image has a square-based motif that slowly pans left or right, depending on swipe direction. This creates the illusion of depth. The image on the right, however, uses a custom horizontal gradient that creates infinitely reaching bars. As the user swipes left or right, the bars would remain unchanged in appearance. The effect would be lost.

While the customization community would lead you to believe they know what they’re doing and prefer unfettered customization access, the reality is Microsoft knows what’s better for all of us. If you insist on having that access, however, I’m sure desktop customization king Stardock will have something to play with soon enough.

The Verge story was corrected for the most part, thanks for emailing me Tom.

The Next Web published a follow up post re: the situation. It isn’t corrective in any way, but I got the gist of what Alex was trying to say: “I fucked up, sorry man.”

I hope I don’t get removed from the holiday card mailing list.

“Thank you note for every language” 
© woodleywonderworks

I see my friends Alex Wilhelm and Tom Warren covered some comments I made on the ChevronWP7 stream, bless them for that. Specifically, I made two comments on the stream, after successfully selling 10,000 unlocks close to the start of the New Year:

[1] ChevronWP7 Labs enters the New Year with 10,000 token sales under our belt. Hooah! ^RR

[2] Our agreement with Microsoft was to sell no more than 10,000 tokens, hence "sold out". We’re discussing if we want to up that number. ^RR

The use of our and we were references to “the ChevronWP7 team”, i.e. Chris Walsh, Long Zheng, and myself. I mean, the tweet did come from the ChevronWP7 account after all. Here’s how I designed it to be read:

We [the team] are still discussing if we [the team] want to up this number.

Here’s how it was interpreted:

MICROSOFT HATES THE WORLD; MICROSOFT IS SHUTTING DOWN CHEVRONWP7; THEY DENIED THEM TOKENS!!!!11111

Microsoft isn’t involved in our discussion yet. And they can’t provide us with more unlocks because we haven’t asked yet. If we do request more, we’re sure Microsoft will respond positively – as they have in the past.

What frustrates me is that I know and like these guys personally, but corners were cut and no fact checking was performed. Despite being only a Skype call/KiK/email/IM away, no one bothered to contact me or anyone on the team.

Now I’m stuck with cleaning up the mess.

It’s 5am, I haven’t slept. A critical ASP.NET security update is being issued out-of-band today. Immediately, I sprung into “what the hell, Microsoft?” mode, given our government (US-CERT) indicated Microsoft was contacted about this back on November 1. (And the fact I have to worry about ChevronWP7 Labs on Azure and our product at work.) I went as far as to complain on Twitter, my channel of choice. But a few Microsoft folks pinged me, forcing me to do some fact checking.

Yep. I should’ve known not to blindly trust what was on US-CERT, sigh.

Upon inspection of the actual disclosure one area jumped out at me:

Vendor communication:
2011/11/01 Coordinated notification to PHP, Oracle, Python, Ruby, Google
via oCERT

2011/11/29 Coordinated notification to Microsoft via CERT

Yep. These guys waited an arbitrary 30 days (in reality, less) before publishing it to the world. Never mind that this issue affected Microsoft .NET Framework 1.0 and up. Never mind that this framework has been built into Windows since Windows XP. Never mind patches for all these platforms have to be engineered and tested. Never mind it’s the fucking holidays and people have families they’re spending time with. Never mind this doesn’t just affect ASP.NET but also web frameworks written in Java, Python, Ruby, PHP, and JavaScript (think node).

I couldn’t find a shred of evidence to suggest this flaw was being exploited by malicious actors or that the information was discovered by other folks – possible reasons that would have explained such a disclosure. This appears to just be a classic case of dirtbagery.

Here’s how the adults handle this, take notes guys: