Microsoft has made some bold claims about its forthcoming Windows 10X operating system, which will run on the dual-screen Surface Neo device.
Attendees at the Microsoft 365 Developer Day, held yesterday, were told Windows 10X will maintain state separation between the operating system, drivers and applications, which will enable Windows updates in "less than 90 seconds." The operating system is "read-only" for applications, so no more registry cleaners or "OS rot" slowdown. It will take advantage of Intel's Lakefield, a mobile chipset with both power-efficient small cores for long battery life and a high-performance large core when needed.
What is OS rot? "A rolling computer gathers 'cruft'," observed our own Verity Stob in her pre-Register days, defining 10 stages from Cruft Force 0 "Virgin" to Cruft Force 10 "Expiry" – when the machine only runs in Safe Mode at 16-color 800x600. Windows has improved since 2002, when that column was written, but problems still occur, particularly in unmanaged environments where unnecessary applications get installed and the notification area (sometimes called the system tray) fills with stuff running in the background. There is no system tray in Windows 10X.
In its publicity, Microsoft is emphasising the dual-screen aspect, but there is more to it. It's also another attempt to remould Windows for security while (mostly) preserving backwards compatibility. Past efforts include Windows RT, where users could install only Store apps or use pre-installed desktop applications, and more recently Windows 10 S mode, where users can only install Store apps. Further, the Universal Windows Platform (UWP), which evolved from the Windows 8 application model, is designed to be better behaved than old-style Win32 applications, with a degree of isolation and automatic suspend and resume.
In Windows 10X, Microsoft is introducing a new simplified shell – the desktop environment from which users launch applications – which does not support the aforementioned system tray, File Explorer add-ons (which typically add right-click options for files), or global mouse, keyboard or window hooks, used by applications like dictation software to work with every application you run.
Applications will run in containers. Containers – for the uninitiated – are like lightweight virtual machines, sharing the resources of the operating system but also isolated from it.
Program manager Peter Torr explained the three types of containers in Windows 10X.
- First, the Win32 container is new, though apparently it borrows technology from the Windows Subsystem for Linux. A single Win32 container will run all Win32 applications – meaning x86 or x64 desktop applications. User data like documents and multimedia will live outside the container but the applications will have seamless access, provided they are in standard document locations. Some private data will not be visible from the Win32 container. If you run Win32 system tools and utilities, they will have no special privileges to see outside the container.
- Then there's the MSIX container, which already exists in Windows 10. MSIX is a packaging format "based on a combination of .msi, .appx, App-V and ClickOnce installation technologies", according to the docs. It is Microsoft's recommended means of deploying Win32 applications and gives them some isolation and clean install and removal. In Windows 10X, MSIX packages will run inside the Win32 container.
- Lastly, there's the UWP or native container, which also already exists in Windows 10. This is used for UWP applications and has the lowest system overhead, according to Torr. Microsoft also refers to these applications as "running on the host", meaning that they rely on existing UWP mechanisms for isolation.
Are these really containers?
The word has a broad definition, so there is scope for argument. What matters is the extent of the isolation from the operating system. The Win32 container is something of a brute-force approach, taking everything that is needed to run desktop Windows applications and shoving it into a safe compartment. The applications all run there together, though, so while the core operating system is protected, there is still potential for your Win32 container to become corrupted. If it does, your documents should still be safe.
[Figure: The key elements in Windows 10X: applications in containers, with Win32 applications accessed by RDP technology]
Access to Win32 applications will use Microsoft's Remote Desktop (RDP) technology under the covers. Therefore, when you run something like Microsoft Word, it will run in the Win32 container and you will open a kind of remote session into it. This has implications for how these applications interact with the hardware. RDP has some clever features to support things like local printing but there are limitations. It seems that some of these remain in Windows 10X. According to Torr:
- All "typical hardware" works with a "fast path" to the host OS
- There is no support for "non-standard hardware or app-installed drivers"
- Privacy-sensitive hardware like the camera is under user control. You could choose to bar the Win32 container from your camera. However, this is not per application – you have to give permission to the entire container
What will happen if a Win32 application tries to install a system tray applet or Explorer add-on? The API still exists, said Torr, but it is a no-op: the API calls will succeed but do nothing.
The idea is that, in Windows 10X, no startup applications are allowed. That said, it will be possible to install services that run in the background. If you are not running any Win32 applications, Windows will reduce the resources available to the Win32 container. Microsoft is considering an option to keep the Win32 container always running, said Torr, implying that without that option you cannot be sure that a background service in the Win32 container will always be active.
UWP applications will have app-specific permissions as they do today. If developers want to avoid the potential issues with the Win32 container, the solution will be to write UWP applications instead. Hybrid Win32/UWP apps will not be supported at all on Windows 10X.
Microsoft also dropped the veil on a new Windows concept called "Signed and Reputable mode". According to principal program manager lead John Vintzel, if you run only Microsoft, UWP and "apps with good reputation", there is no need to run antivirus software. Users can opt out of this mode, in which case the need for antivirus software returns. Developers will have to think about building reputation for applications, done by migrating to MSIX, using code-signing, submitting applications for analysis, and increasing adoption so that Microsoft has telemetry on application behaviour.
The issue, as ever, will be compatibility with the vast range of legacy Windows applications, and the fact that users like the freedom to install and run whatever they want. Microsoft is trying to make Windows 10X seamlessly compatible for users, but the restrictions it imposes and the technology it uses (containers and RDP) will mean that some applications will not work as expected. The lack of system tray applets and File Explorer add-ins will be a problem, and the new "simplified shell" will not be to everyone's taste. There was no detail yesterday on the subject of accessibility. Microsoft will no doubt have some solutions, but it sounds as though accessibility software for Win32 applications will need adapting to work on Windows 10X as it relies on features that won't work.
The dual-screen aspect is important too, and a compelling user experience and application support here would help adoption. The hope must be that if adoption is sufficient, developers will be forced towards UWP and Microsoft can achieve the modernised Windows of its dreams.
Eran Megiddo, corporate veep for Windows and education, said last year: "Windows 10X will be available on dual-screen and foldable devices starting in the fall of 2020, in time for the holiday season. These will include both Microsoft Surface and devices from several Windows ecosystem partners including ASUS, Dell, HP and Lenovo. The first wave of devices will vary in size, design and specs, and be powered by Intel."
You can view the Developer Day on-demand sessions here. ®