Why I will never use Windows 8 or Windows 10

I still use Windows 7 to the extent that I use Windows. When Microsoft released Windows 8, a major change to the OS was the introduction of Metro-style applications. With this change, they also introduced a code signing requirement for such applications. This restriction saw surprisingly little reporting; the Secure Boot panic probably distracted a lot of attention, and the fact that barely anybody actually wants to use Metro applications probably helped.

I myself have no interest in the use of Metro applications. Nonetheless, the introduction of such code signing restrictions constitutes a fundamentally unacceptable practice, and that is a road I will not go down.

Windows 8: code signing restrictions. Why did Microsoft introduce this requirement? Almost certainly because they thought (correctly) that they could get away with it, most notably because Apple had demonstrated without doubt that people would put up with it. Perhaps most depressingly the probable motive of Microsoft in this regard was not even necessarily an unchecked desire for control, but merely a cynical attempt to intermediate themselves in the sale of commercial software so that they could levy a commission.

In the first place, the term “sideloading” is inherently questionable. The term itself exudes connotations of slight illegitimacy or dubiousness, otherness, abnormality, non-canonicality, rather than being a (or the) normal, preferred vehicle for software installation, outdone in legitimacy by no other method.

However, another thing that I don't think has been commented upon is an unpleasant subtext to the way in which these code signing restrictions were applied. You see, these restrictions aren't actually very hard to get around. There are three avenues:

  1. Applications can be installed from the store, of course.
  2. You can get a “developer licence”. You have to have a Microsoft account, and supposedly this can be revoked in the event of “misuse”.
  3. They can also be installed via group policy, if a. the machine is in a domain, and c. the application is signed by a CA the domain trusts (such as an internal one).
  4. Finally, you can obtain and install a “sideloading product activation key” from Microsoft.

Notice how these categories translate to different categories of use: there are consumers, programmers, and enterprises. Two of these categories get to have control over their machines; the other category doesn't. From Windows 8 onwards, the operating system's behaviour diverges based on domain membership. There's no particular technical reason for this; merely an unspoken implication that enterprises deserve or need control of their machines, and other people don't. Windows is now essentially two operating systems, or perhaps more accurately one operating system with two personalities: a locked-down consumer version and an enterprise version. (Of course, Microsoft has always offered various versions of Windows, but these are merely attempts at market segmentation, and are essentially irrelevant to this discussion.)

Needless to say, I firmly reject this duplicity.

Windows 8: Microsoft accounts. The consumer/enterprise split continues in other areas. For example, Windows 8's consumer personality really really really wants you to tie your machine login to a Microsoft account. Even if I trusted Microsoft as completely as it is possible to trust someone, this would still seem like a stupid idea likely to introduce unnecessary couplings and at some point DoS me from my own computer; not to mention the security risks posed by remote password resets. There are almost certainly a handful of privacy issues too if I were to bother to turn over that particular rock.

Windows 8's consumer personality wants you to tie your account to a Microsoft account so much, it's quite good at tricking people into doing it. This post describes how someone got locked out of their own computer after tying their local account to a Microsoft account without even realising it. Thus, saying no isn't really an effective defence; it seems like this association can be effected almost by sneezing. And in the first place, the option not to associate with a Microsoft account when setting up Windows 8 confusingly requires you to select the “Create a New [implicitly Microsoft] Account” in order to find the local account option.

Windows 8: disk encryption. Another issue with Windows 8 is disk encryption. Windows 8 drops the diffuser element from BitLocker, and I'm not aware that any statement was even made on the reasons behind this. This significantly weakens the disk encryption used by BitLocker, which is hardly a compelling reason to upgrade. Perhaps most ridiculously, the diffuser is still supported for backwards compatibility, where a machine has been upgraded from Windows 7. So you can get Windows 7-grade disk encryption on Windows 8, but only if you install Windows 7 first, turn on disk encryption and then upgrade it.

Windows 10: telemetry. Most of the issues with Windows 8 carry over to Windows 10, but there are plenty of new ones. The most well reported concern regarding Windows 10 is probably the huge amount of telemetry the OS incorporates, and the corresponding privacy concerns. Some of this telemetry can be disabled, but not all.

Apparently telemetry has been backported to Windows 7 and 8 as an update; this page lists the known KB numbers. (Though that page also seems to recommend some quite strange things, such as not using IE10 or 11; use your own judgement.)

Windows 10: UWP code signing. There is one improvement with Windows 10: I'm to understand that Windows 10 has removed the Metro/“Universal Windows Platform” (UWP) application signing restrictions.

However Tim Sweeney points out that enabling sideloading requires the enablement of an obscure switch in the settings, and that this option could be revoked at any time via an update (see “mandatory updates” below).

Windows 10: UWP restrictiveness. Moreover, quite aside from any code signing restrictions, the UWP platform remains highly restrictive. This in itself is not necessarily a problem since people are free not to develop or use UWP applications, but it becomes highly concerning when considered together with claims that Microsoft is withholding from providing new functionality as it is developed to Win32 applications, and rather only providing it to UWP applications. This appears to be an attempt to goad developers into developing for UWP, rather than Win32.

The following issues have been reported:

I can only assume we're going to see more and more attempts to destroy Win32 by Microsoft, since I can't see why anyone would want to develop for this platform instead of Win32 unless there was no alternative.

Windows 10: Mandatory updates. Most egregiously of all, Windows 10 now attempts to force people to install updates. On “Home” versions of Windows 10, automatic updates cannot be disabled. Your only choice is between “reboot automatically” and “choose when to reboot”, and frankly, I'm willing to bet that choice is fake. (Even on Windows 7, Windows Update starts becoming very nagging and mutinous when you defer updating for several days. It starts displaying a countdown after which it reboots if you don't cancel it, clearly trying to catch you out if you're not at your computer. On Windows 7, you can disable this “feature” in Group Policy.)

(Of course, Windows's incessant need to be rebooted to install updates is an eternal byproduct of the moronic design of the Windows file locking system — but I suppose that deserves a whole separate article.)

People having the “Pro” version of Windows 10 apparently deserve more control over updates, because they can choose to use a different release branch, “Current Branch for Business”. This branch is, of course, also under Microsoft's control, so the actual difference to your control of updates is zero. It's essentially irrelevant to this discussion.

Only the “Enterprise” version offers something that resembles actual control, but it requires you to use WSUS and thus for machines to be part of a domain. This continues the split personality theme.

So if you use Windows 10, you don't as a user get to have control over updates unless you go to the absurd lengths of setting up a domain and WSUS. I don't doubt there will be easier ways to foil this mechanism — but I'm evaluating these issues based on the intent, not the execution.

Windows 10: Lock screen advertisements. This is not a joke, they are, by default, actually using the lock screen as advertising space now. On your own computer in your own home. You can turn it off, but points for sheer egregiousness.

Antitrust considerations. Microsoft is a convicted monopolist; indeed, it has seen antitrust action from both the US and the EU. It seems like there should be an open question as to whether Microsoft's bundling of the Windows Store with Windows 8 and 10 constitutes an antitrust violation, insofar that it is using a monopoly to leverage themselves into a new market. (The fact that UWP applications can only be developed using Microsoft development tools, as mentioned above, may be another issue for consideration.) There are already application stores for Windows, most notably Steam. Recall that Microsoft was subjected to antitrust action over the bundling of Internet Explorer, and also over the bundling of Windows Media Player. Rather asininely even in my opinion, Microsoft was made to release “N” versions of Windows without Windows Media Player. There is clear precedent that using a monopoly position to try and obtain dominance in other markets by virtue of bundling (let alone lockin) is a violation of antitrust law, both in the US and the EU.

The issues outlined by this article all cover only x86 versions of Windows. When Microsoft introduced the use of Secure Boot for Windows 8, there was grave concern about users' freedom to install other operating systems, which was adequately ameliorated by Microsoft requiring x86 machine vendors to include a way to turn it off. However, less commented was the fact that Microsoft's policy for ARM versions of Windows was the exact opposite; namely, that there must not be a way to disable secure boot, or indeed boot any non-Microsoft OSes. This demonstrates rather effectively that Microsoft's policy with regard to x86 machines is not in any way borne of good motivations, but simply a) the fact that they are a convicted monopolist in the x86 desktop OS market, a restriction which does not apply to their attempted entry into the ARM tablet market, and b) they don't think they'd be able to get away with it (whereas the market has failed utterly to oppose code signing restrictions as applied to mobile ARM devices with any energy whatsoever2, demonstrating that such control is ripe for the taking in the ARM market).

Since Valve have already been alarmed by Windows 8's signing restrictions — to the point that the entire existence of SteamOS is probably due to it — it seems like they would be well placed and motivated to take such action. (Not only that, Valve's SteamOS effort was probably the major factor in their support for Vulkan. I have no idea whether Valve's involvement hastened the release of Vulkan, but it's interesting to consider that history could come to record that the simple act of including restrictive code signing practices in Windows 8 resulted in a domino effect: the exodus of Valve from Windows, the rise of Vulkan and the fall of Direct3D from its position of dominance. This could further fracture the synergy Microsoft enjoys between Windows and Xbox due to their shared use of DirectX, which when combined with the rather disastrous launch of the Xbox One could lead to significant damage to both of these platforms.)

In fact, this very day, Tim Sweeney has joined the fight with an article in The Guardian decrying Microsoft's attempts to lock down their platform (arstechnica.com article). Perhaps companies concerned by Microsoft's actions in this regard could consider some sort of joint litigation effort.

I don't know what I'll do when Windows 7 ceases to become a viable operating system in terms of security, application support, and so on, if when that time comes the use of Windows in addition to Linux is still reasonable and/or sometimes necessary. Maybe I'll keep a Windows 7 VM, firewalled and disconnected from the internet. Or maybe something else. Cross that bridge when I come to it, I suppose.

1 Of course, “prevents” is relative; I'm sure anything can be bypassed with enough effort.

2 These restrictions may be commonly bypassed, but this fails to oppose the proliferation of such devices in the first place. If anything, it actually makes the situation worse, by making these policies tenable: “The best way to get a bad law repealed is to enforce it strictly.”

Addendum: I've also written a followup article about Microsoft's market betrayal.