Tag Archives: microsoft

cloud computing, microsoft, windows

The PC puzzle: does the sales drop implicate or justify Windows 8?

9 Comments

Gartner has joined IDC in releasing figures showing a steep drop in PC sales for the first quarter of 2013.

Worldwide PC shipments totalled 79.2 million units in the first quarter of 2013, an 11.2 per cent decline from the first quarter of 2012, according to preliminary results by Gartner, Inc. Global PC shipments went below 80 million units for the first time since the second quarter of 2009. All regions showed a decrease in shipments, with the EMEA region experiencing the steepest decline.

says the release. In EMEA the decline was 16%. In the US, the decline was only 9.6%, but marked the 6 consecutive quarter of decline.

Gartner does not give worldwide figures for Apple, but says that its shipments grew by 7.4% in the US, which is a particularly strong market for Apple, giving it an 11.6% market share.

One bright spot for Microsoft:

Unlike the consumer PC segment, the professional PC market, which accounts for about half of overall PC shipments, has seen growth, driven by continuing PC refreshes.

That will please the folk at the event I am attending right now, the Microsoft Management Summit in Las Vegas, which is about managing servers, PCs and other devices in the enterprise. The consumerisation of IT is real, and so is Bring Your Own Device, but never underestimate the extent to which Windows is embedded in business.

Still, does the overall decline prove that Windows 8 was a huge mistake, and that Windows/Microsoft is now set for long-term decline?

image

Not necessarily. There is another way to look at these figures, which is that Microsoft was correct to conclude, back when Windows 8 was planned, that tablets and touch devices would erode the traditional PC market, and that it had to take the risk of reshaping its desktop operating system accordingly.

It is plausible, even likely, that PC sales would not have declined so fast if Windows 8 had been less radical. On the other hand, the long term cost of not reshaping the Windows UI for touch, nor introducing the app store model of software deployment, would probably be greater.

Put another way, the Windows 8 experiment means that PC sales may eventually stop declining, whereas without it they would continue to trend download, even though the curve for this last quarter might be less shocking.

Even if you accept this reasoning, you can still argue that the Windows 8 tablet personality is so poorly executed that it cannot compete with iOS and Android devices. Most Windows 8 users live on the desktop, even those with touch screens and tablets. I am seeing a lot of Surface Pro here in Vegas, with users loving its portability, performance, and elegant keyboard cover, but I see it being used like a laptop, not like a tablet.

Microsoft undoubtedly made mistakes in the initial release of Windows 8, the biggest problem being that the Windows Runtime side, which supports the tablet personality, was rushed out and is really not finished. Creating excellent and good-looking apps is harder than it should be, which is one reason why there are so few.

  • The Windows 8 experience for new users, especially those with long familiarity with earlier versions, is so poor that many prefer to stick with Windows 7. A few tweaks and compromises would have made this easier.
  • Windows RT, the ARM based edition which runs only “Modern” apps and Office, is spoilt by poor performance as well as the lack of good apps. The absence of Outlook from Office in Windows RT spoils its for the business market, where it is potentially attractive as a cost-effective, secure tablet operating system.
  • Microsoft’s OEM and retail partners do not seem to know how to sell Windows 8.

When I put these points to some Microsoft folk informally here at MMS the answer I got was “Blue will make you happy.” Blue, according to these guys, is not the code name for a new version of Windows. Rather, it is a process of incremental updates which users will get automatically. It is well-known of course that significant Windows 8 updates are on the way, and builds have been leaked.

Windows 8 has made a bad start, but it is not all bad. The desktop side (which is what most of us use most of the time) improves on Windows 7, and it is plausible that a combination of user learning along with updates that make the transition to the new Start screen less jarring will make adoption easier.

Equally, the Windows Runtime side will get better. I expect to see new and improved components for developers building apps, and better reliability and performance. Outlook is rumoured to be coming to Windows RT, and at some point we may also see versions of Office applications appear in the Modern UI.

Windows RT will have a tough fight with Intel-based tablets, but users will win either way, since next-generation ARM chipsets are much faster and Intel is making great strides with low-power, high-performance chipsets of its own.

Incidentally, Windows RT is not quite dead. I heard a questioner here at MMS ask questions about how to deploy their forthcoming purchase of a “large quantity” of RT devices.

Microsoft is at times a stumbling giant, but it is stumbling in the right direction with Windows 8, and it may yet work out. Even if by then it is called Windows 9.

microsoft, professional, virtualization, windows

Microsoft takes aim at VMware, talks cloud and mobile device management at MMS 2013

2 Comments

I am attending the Microsoft Management Summit in Las Vegas (between 5 and 6,000 attendees I was told), where Brad Anderson, corporate vice president of Windows Server & System Center, gave the opening keynote this morning.

image

There was not a lot of news as such, but a few things struck me as notable.

Virtualisation rival VMware was never mentioned by name, but frequently referenced by Anderson as “the other guys”. Several case studies from companies that had switched from “the other guys” were mentioned, with improved density and lower costs claimed as you would expect. The most colourful story concerned Dominos (pizza delivery) which apparently manages 15,000 servers across 5,000 stores using System Center and has switched to Hyper-V in 750 of them. The results:

  • 28% faster hard drive writes
  • 36% faster memory speeds
  • 99% reduction in virtualisation helpdesk calls

That last figure is astonishing but needs more context before you can take it seriously. Nevertheless, there is momentum behind Hyper-V. Microsoft says it is now optimising products like Exchange and SQL Server specifically for running on virtual machines (that is, Hyper-V) and it now looks like a safe choice, as well as being conveniently built into Windows Server 2012.

I also noticed how Microsoft is now letting drop some statistics about use of its cloud offerings, Azure and Office 365. The first few years of Azure were notable in that the company never talked about the numbers, which is reason to suppose that they were poor. Today we were told that Azure storage is doubling in capacity every six to nine months, that 420,000 domains are now managed in Azure Active Directory (also used by Office 365), and that Office 365 is now used in some measure by over 20% of enterprises worldwide. Nothing dramatic, but this is evidence of growth.

Back in October 2012 Microsoft acquired a company called StorSimple which specialises in integrating cloud and on-premise storage. There are backup and archiving services as you would expect, but the most innovative piece is called Cloud Integrated Storage (CiS) and lets you access storage via the standard iSCSI protocol that is partly on-premise and partly in the cloud. There was a short StorSimple demo this morning which showed how how you could use CiS for a standard Windows disk volume. Despite the inherent latency of cloud storage performance can be good thanks to data tiering, which puts the most active data on the fastest storage, and the least active data in the cloud. From the white paper (find it here):

CiS systems use three different types of storage: performance-oriented flash SSDs, capacity- oriented SAS disk drives and cloud storage. Data is moved from one type of storage to another according to its relative activity level and customer-chosen policies. Data that becomes more active is moved to a faster type of storage and data that becomes less active is moved to a higher capacity type of storage. 

CiS also uses compression and de-duplication for maximum efficiency.

This is a powerful concept and could be just the thing for admins coping with increased demands for storage. I can also foresee this technology becoming part of Windows server, integrated into Storage Spaces for example.

A third topic in the keynote was mobile device management. When Microsoft released service pack 1 of Configuration Manager (part of System Center) it added the ability to integrate with InTune for cloud management of mobile devices, provided that the devices are iOS, Android, Windows RT, or Windows Phone 8. A later conversation with product manager Andrew Conway confirmed that InTune rather than EAS (Exchange ActiveSync) policies is Microsoft’s strategic direction for mobile device management, though EAS is still used for Android. “Modern devices should be managed from the cloud” was the line from the keynote. InTune includes policy management as well as a company portal where users can install corporate apps.

What if you have a BlackBerry 10 device? Back to EAS. A Windows Mobile 6.x device? System Center Configuration Manager can manage those. There is still some inconsistency then, but with iOS and Android covered InTune does support a large part of what is needed.

microsoft

Office 2013 Home and Business requires a Microsoft account to activate, a nuisance for Office 365 users

4 Comments

A small business contacted me with a perplexing problem related to Office 2013 and Office 365. The scenario looks like this:

  • All their staff have Office 365 E1 accounts (for small and midsize businesses)
  • They normally buy laptops with Microsoft Office. That would normally be the OEM version or more recently the Product Key Card (PKC) equivalent. This is licensed only for the PC on which it is first installed.
  • Since they already have Office, purchasing the more expensive Office 365 subscription (£9.80 vs £5.20, or £55.20 extra per user per year) which includes desktop Office is poor value (update: see comments for more notes on this option).

With me so far? Now comes the moment when a new member of staff joins, for whom a new laptop is purchased. They buy with it the closest equivalent to the Office 2010 Product Key Card, which is Home and Business 2013, this guy:

image

Note the designation Home and Business, indicating that it is fine for business use.

Next, they set up the laptop for Office 365 and install their new Office 2013. Only there is a problem. Office Home and Business cannot be activated without a “Microsoft account”. You might think that an Office 365 subscription counts as a “Microsoft account” but it is the wrong kind: it is an “organizational” account in Microsoft’s jargon, which is a subtly different creature. The Office 2013 purchase is then tied in to some extent to that account.

Specifically, the normal way to install is to go to http://www.office.com/setup. When you do, you enter the supplied product key, following which the unavoidable next step is to sign in with a Microsoft account.

Another feature of Office Home and Business 2013 (again different from Office 2010) is that there is no way (that I know of) to install it other than via Click and Run, which uses application virtualisation. Personally I prefer the non-virtualised install, after experiencing problems with previous versions of Click and Run. Maybe these are fixed now, maybe not, but this choice has been removed.

You can also install from a DVD as discussed here, if you download the DVD image from Microsoft. Unfortunately this is still a click-to-run install, and still requires a Microsoft account. You can enter the product key when invited to activate, but the process will not complete without logging in online. If you sign into Office 365 instead, you get an error. I also spotted this message:

image

It says, “You’re currently signed in with an organizational account. To view or manage any consumer subscriptions you may have purchased, please sign in with your Microsoft account.” This intrigues me, since if you have purchased a perpetual product called “Home and Business” you might imagine that is it neither consumer, nor a subscription.

There are a couple of problems with the requirement for a Microsoft account. One is that the business does not want the employee to start using features like Skydrive which are attached to any Microsoft account other than Office 365. Another is that the employee may leave, and the laptop transferred to somebody new. With the old Office 2010 PKC, which did not require a hook to a Microsoft account, that was a smooth transition. Office is licensed for the laptop, not the individual. The new Office 2013 is still licensed only for one laptop, but also has some sort of relationship to an individual Microsoft account, which will be a nuisance if that person leaves the company.

You can overcome these problems by purchasing a volume license for Office 2013 instead. The ideal product is Office Professional Plus. You can install it without using click-to-run and it does not require a Microsoft account to activate. But you guessed: this costs more than double the cost of Home and Business 2013. The approximate ex-VAT cost in the UK is £150 for Home and Business, versus £375 for Professional Plus.

The dependency on a Microsoft account is not clear on Microsoft’s site. The specifications for Office Home and Business are here. It says:

Certain online functionality requires a Microsoft account.

True; but in this case the product cannot be activated at all without a Microsoft account. It is useless without it.

The workaround is to give in and create a Microsoft account just for the purpose of activating Office. Of course you need an email address for this, though apparently (taking this from the above referenced discussion) you can activate up to 10 Office 2013 installs with one Microsoft account.

Once activated, there is no problem that I am aware of with using the product with Office 365.

It is still messy, since that Office install is forever linked with the Microsoft account you use, even though it is intended for use with Office 365.

Taking a wider perspective, it also seems to be that there may be purchasers who want to use Microsoft Office in part because (unlike, say, Google apps) it does not require online sign-in. They may prefer not to have a Microsoft account. With Office 2010 that was easy, but not with this new edition, and I am not seeing this spelt out in the product descriptions. Once you get it home, you will spot this on the packaging:

image

Considering the complications of using Home and Business 2013 with Office 365, it looks like the best option is to upgrade to the Office 365 subscription type which includes desktop Office, but that is a heavy financial penalty for a business that has already purchased Office for all its laptops.

cloud computing, microsoft, mobile

Microsoft’s growth areas: Azure, Server with Hyper-V, Office 365, Windows Phone

1 Comment

Microsoft has left slip a few figures in posts from PR VP Frank Shaw and platform evangelist Steve Guggenheimer.

Observers have tended to focus on Windows “Blue” and what is happening with Microsoft’s core client operating system, but what caught my eye was a few figures on progress in other areas.

  • Windows Azure compute usage doubled in six months
  • Windows Azure revenue growing 3X
  • Office 365 paid seats tripled year on year last quarter
  • Server 2012 Datacenter edition licenses grown 80%

A notable feature of these figures is that they are relative, not absolute. Office 365 is a relatively new product, and Windows Azure (from what I can tell, since Microsoft did not release numbers) performed rather badly until its renaissance in early 2011 under Satya Nadella, Scott Guthrie and others – see here for more about this). It is easy to post big multiples if you are starting from a small base.

This is real progress though and my guess is that growth will continue to be strong. I base this not on Microsoft’s PR statements, but on my opinion of Office 365 and Windows Azure, both of which make a lot of sense for Microsoft-platforms organisations migrating to the cloud.

Why the growth in Server 2012 Datacenter? This one is easy. Datacenter comes with unlimited licenses for Windows Server running in Hyper-V virtual machines on that server, so it is the best value if you want to the freedom to run a lot of VMs, especially if some of those VMs are lightly used and you can afford to overcommit the processors (you need a new license for every two physical processors you install).

Here’s another figure that Shaw puts out:

Windows Phone has reached 10 percent market share in a number of countries, and according to IDC’s latest report, has shipped more than Blackberry in 26 markets and more than iPhone in seven.

Spin, of course. This February report from IDC gives Windows Phone just a 2.6% market share in the 4th quarter of 2012. Still, it did grow by 150% year on year, thanks no doubt to Nokia’s entry into the market.

My personal view is that Windows Phone will also continue to grow. I base this on several things:

  • I see more Windows Phones on the high street and in people’s hands, than was the case a year ago.
  • Windows Phone 8 is decent and the user interface is more logical and coherent than Android, which mitigates a lack of apps.
  • Nokia is bringing down the price for Windows Phone devices so they compare well with Android in the mid-market below Apple and the premium Android devices.
  • There is some momentum in Windows Phone apps, more so than for Windows 8. Guggenheimer notes that downloads from the Phone Store now exceed 1 billion.

The context of the above is not so good for Microsoft. It is coming from behind in both cloud and mobile and the interesting question would what kind of market share it is likely to have in a few years time: bigger than today, perhaps, but still small relative to Amazon in cloud and Apple and Android in mobile.

There is also the Windows 8 problem. Many prefer Windows 7, and those who use Windows 8, use it like Windows 7, mostly ignoring the tablet features and new Windows Runtime personality.

How will Microsoft fix that? Along with leaked builds of Windows Blue, Microsoft has announced the next Build conference, which will be in San Francisco June 26-28, 2013 (I am glad this will not be on the Microsoft campus again, since this venue has not worked well). There is a lot to do.

image

development, microsoft, software development, visual studio, windows

Microsoft’s Windows 8 app problem will not be solved by incentivising junk

3 Comments

Microsoft has launched a “Keep the cash” offer to developers. Publish up to 20 apps, 10 for Windows Phone and 10 for Windows 8, and get $100 for each of them.

image

The offer is little use for most of the world. The terms state that “Offer good only to legal residents of the 50 United States & D.C. aged 18 or older”.

It is little use for Microsoft either. How much development time does $100 buy? Still, there is a way to make sense of it for hobbyists or developers with some spare time. What you do is to create one of those apps that does very little but is specific to something like a particular sports team or pop star, and maybe searches the web for news about them. Then you replicate it 10 times over for 10 different teams or celebrities. Then you adapt it for both phone and Windows 8 store. That’s 20 apps, $2000.

In other words, the only thing this will achieve is to increase the amount of dross in these two stores. Microsoft is pumping the numbers, so that there is an appearance of success on the most naive analysis, counting the apps.

Incidentally, this is something that Windows Store VP Antoine LeBlond assured me Microsoft would not do, at the launch of Surface RT in New York last year.

Does Microsoft have an app problem? Yes, particularly on Windows 8. Windows Phone 8 is less of a problem; Microsoft’s phone is actually building some momentum from what I can tell and app availability is not too bad, despite some gaps such as Instagram and BBC iPlayer.

The app problem is nothing to do with quantity though. 10 good apps for the Windows Store is worth more to the platform than 10,000 poor ones. In fact, filling the store with junk is a negative that will cement the perception that there is little there that is worthwhile.

Rather, the app problem is the consequence of several factors:

1. The development platform is not good enough. Most things can be done, but not easily, and the default look and feel results in blocky apps that tend to scale badly on big screens. The built-in controls are too primitive. The user interface is insufficiently intuitive and users struggle to discover the menus and features hidden in the Charms bar.

2. Microsoft has so far failed to establish Windows 8 as a tablet platform. The reasons are complex and to do with the Windows heritage, the way OEM and retail partners treat Windows, and the fact that there are other tablet platforms (iOS and Android) out there which meet the need for many people.

3. Windows 8 is out there in reasonable numbers, but most users spend most of there time in the desktop, making the Windows Store app platform less successful than the quantity deployed would suggest.

4. Businesses are mainly standardising on Windows 7, not Windows 8, to the detriment of the new app platform.

In this context, the best thing that could happen for Windows 8 is the appearance of new compelling apps that will drive users to the underused tablet personality. Microsoft could and should do some of those (there are a few efforts, like Fresh Paint).

Those apps, though, will not be developed for $100. They will be developed either by enthusiasts who love the platform (which will not happen until the platform is improved), or by businesses who invest real money and effort in building them.

As it is, this misguided initiative does little other than to draw attention to the problems Microsoft has with its new Windows.

microsoft, windows

Windows 8 is another Vista says Samsung memory guy: is he right?

4 Comments

Samsung’s Jun Dong-soo, president of the memory chip division, has likened Windows 8 to Vista and says it has failed to boost PC sales.

”The global PC industry is steadily shrinking despite the launch of Windows 8. I think the Windows 8 system is no better than the previous Windows Vista platform,” he said in a press briefing in Seoul, as reported by the Korea Times. [The link no longer works for me, though the article lives on in Google’s cache].

image

Is he right? I suspect that the tech world from the perspective of a memory chip manufacturer looks different than it does, say, from the perspective of someone considering Microsoft’s Windows strategy more broadly. Has Windows 8 stimulated demand for PCs, and therefore the memory that goes in them? Generally, no.

Equally, just as in the days of Vista, there is plenty of folk wisdom out there advising people to stick with the previous version of Windows, since the new one is more trouble than it is worth.

The parallel is not unreasonable then. Look a bit closer though, and there are as many differences and likenesses. I wondered if this could be expressed as a table, though no doubt there will be debate over the detail and other things that could be included.

  Strategic reasons for failure – necessary annoyances Long-term goal
Windows Vista User Account Control – usability and compatibility problems. Annoying and confusing prompts. Better security in Windows, better behaved applications
  Performance issues, high memory demand caused by Desktop Windows Manager Rich hardware-accelerated graphics, taskbar thumbnails etc
  Bugs and mistakes  
  Stuttering audio caused by poor drivers  
OEM vendors release Vista on underpowered hardware, laden with usual trialware rubbish  
Windows 8 Strategic reasons for failure – necessary annoyances Long-term goal
  Combining new tablet platform with old desktop jarring and confusing for users. Absence of Start menu from desktop disorienting. Establish Windows as a viable tablet platform and one that can plausibly converge with Windows Phone.
  Create ARM build of Windows, locked down so that no new desktop apps can be installed. Windows tablets that benefit from ARM efficiency, are not weighed down with legacy app compatibility issues, and which are more secure and less prone to degrade over time.
  Bugs and mistakes  
  Release Windows 8 with poor Windows Store apps pushing users to desktop alternatives  
  Windows Runtime platform not really ready, too difficult for developers to make great apps  
  Failure to get Windows OEMs and retail channel to understand and promote it as a tablet platform  
  ARM machines including Surface RT too slow; really needs next generation eg Tegra 4  

The point of the above is both positive and negative for Microsoft. On the negative side, it has nobody but itself to blame for some of the problems around the launch of Windows 8. The Windows Runtime platform should have been in a better state for launch, the built-in apps should have been better (especially Mail), and despite ample evidence of the difficulty new users had when first encountering Windows 8, little regard was paid to the problem. OEM and retail partners then compounded the error by simply turning the handle and putting out a bunch of laptops with Windows 8 in place of Windows 7. I regularly see “Windows 8” displays where there is not a single touch-capable machine, which is extraordinary given that support for touch was the primary new feature and goal.

On the other hand, if you look at the pain points in Vista that were strategic rather than blunders, you can see that they did, eventually, succeed. Windows 7 builds on Vista and by general consensus is the best ever version of Windows. While I prefer 8 for various reasons, including its better performance and some useful UI improvements on the desktop side, Windows 7 has the more coherent and satisfying user interface.

The further implication is that the Windows 8 pain may yet prove worthwhile, if Microsoft can fix the annoyances and improve the Windows Runtime platform, and if OEMs can grasp the demand for Windows tablets when done right.

The difficulty with the above is that when Vista came out there was really nowhere to go, other than to the Mac for those looking for high-end personal laptops or desktops (and Vista was generally helpful to Apple). Windows 8 on the other hand has appeared at a time when the PC ecosystem seems under threat from the surge towards mobile and towards Android and iOS tablets. Even if Microsoft gets it right next time, it is unlikely to dominate as before.

.net, development, microsoft, professional, software development

Internal Windows Runtime apps are prohibitively expensive to deploy, says Microsoft Regional Director

5 Comments

Now we know why Microsoft has been so reluctant to divulge details of how to deploy a business app that uses the Windows Runtime (also known as Metro apps or Windows Store apps; though in this case the Windows Store app designation is particularly silly since these apps are precisely not Store apps).

Presuming Windows MVP and Regional Director Rockford Lhotka is correct, a business that wishes to sideload Windows Runtime apps (in other words, to deploy but not via the Windows Store), a business needs to purchase a $30 sideloading key which, by a stroke of marketing genius, is only available in packs of 100.

image

Note the above screen grab shows a price of more than $30.00. I believe this is because Lhotka’s figures do not allow for any reseller markup, though there could be regional differences as well.

Here is what Microsoft’s Antoine Leblond said back in April 2012:

To enable sideloading of a Metro style app onto a PC:

  • Set Group Policy for “Allow all trusted apps to install”. If you cannot use Group Policy, then you can set this through the following setting: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Appx\AllowAllTrustedApps = 1
  • Verify that the app is signed by a CA that is trusted on the target machines
  • Activate a special product key by using a script on the target machine to enable sideloading. We’ll go into more detail about how the IT admin will acquire the product keys in an upcoming blog post. The product key only needs to be install and activated once on the PC.

I have not seen the promised upcoming blog post but would be interested in doing so if anyone has a link?

Sideloading keys are only valid on Windows 8 Pro or Windows 8 Enterprise.

As a further disincentive, if you want to avoid running a PowerShell script on each target machine, you will need either System Center or InTune to manage the PCs. InTune is the cheaper option, at $6.00 per device per month. Lhotka calculates:

Let’s assume that your organization has 100 Windows RT or Windows 8 Pro devices, so you buy $3000 worth of side-loading keys. And let’s assume you use InTune. Finally let’s assume your devices have a 3 year life – which is pretty typical for corporate devices where you buy a service agreement from Lenovo or Dell or another vendor.

These 100 devices will cost $3000 for keys, plus $6 per device per month. This means that your org with 100 devices will pay around $23,000 extra to deploy a WinRT app just for this licensing.

and he concludes:

Right now it appears that Microsoft has worked very hard to devise a licensing and deployment scheme for WinRT apps designed specifically to discourage the creation of any WinRT business apps. Whether this is intentional or accidental I can’t say, but it is surely the case that no responsible business or IT manager could look at these scenarios and think that a move to WinRT for business app development makes sense at this time

That said, I am not sure he is being completely fair. I doubt a business will subscript to InTune just to support sideloading, and for those who do not want to subscribe, running a PowerShell script is not that hard. It seems to me that the problem could be mostly fixed by offering the sideloading keys in smaller packs.

I would add that now is probably not the moment to deploy a Windows Runtime app. The platform is not as good as it should be, and there is a case for waiting for the first major update in my opinion.

Still, $3000 for a licence pack is substantial, especially for a small business with fewer than 100 PCs.

The “Modern UI” side of Windows 8 has not taken off as yet, and a rational approach would be to encourage rather than discourage corporate developers to target the platform.

Note: a Microsoft Regional Director does not work directly for Microsoft. Lhotka works for Magenic. A Regional Director is an independent professional who is recognized for their ability to train and evangelise development on Microsoft’s platform.

microsoft, mobile, professional, Uncategorized, windows

Windows Phone 8 enterprise security versus Blackberry 10 Balance and Samsung Knox

How good is Windows Phone 8 security? Actually, pretty good. The key features are described here [pdf]:

  • Trusted Boot prevents booting to an alternative operating system, using the UEFI secure boot standard.
  • Only signed operating system components and apps can run.
  • App sandboxing:

    No communication channels exist between apps on the phone other than through the cloud. Apps are isolated from each other and cannot access memory used or data stored by other applications, including the keyboard cache.

  • Private internal app distribution by businesses who register with Microsoft
  • Password policies set through Exchange ActiveSync (EAS)
  • Built-in device management client
  • Bitlocker encryption when set by EAS RequireDeviceEncryption policy. AES 128 encryption linked to UEFI Trusted Boot.
  • SD card data is not encrypted, but the OS only allows media files to be stored on SD cards.
  • Information Rights Management can prevent documents being edited, printed, or text copied (other than tricks like photographing the screen).
  • Remote Wipe

The security features in Windows Phone 8 are largely based on those in full Windows, since the core operating system is the same. However, devices are more secure since they are not afflicted by the legacy which makes desktop Windows hard to lock down without damaging usability.

While the above sounds good, note that in most cases a simple PIN will get you access to everything. On the other hand, unless the PIN is seen it is not all that insecure, since you can set policies that lock or wipe the phone after a few wrong attempts.

Does Microsoft therefore have a good story versus Blackberry 10 Balance and Samsung Knox, both of which feature secure containers that isolate business apps and data from personal? The approach is different. In Windows Phone the focus is on the whole device, whereas the other two have the concept of segmentation, letting users do what they like (including installation of games and so on) in one segment, while the business gets to control the other.

Windows Phone does in fact have a somewhat similar feature aimed at children. Kids Corner lets you create a "fun" segment containing specified apps and games, sandboxed from the main operating system. While this is currently designed for children borrowing your phone, you can see how it could be adapted to create a personal/business split if Microsoft chose to do so.

For the time being though, you might worry about the potential for users to install a malicious app or game that manages to exploit a bug in Windows Phone and compromise security.

Even if the business can lock down the device so that users cannot install apps, this impairs the user experience to the extent that most users will want another phone for personal use. The attraction of the Blackberry and Samsung approach is the way it combines user freedom with business security.

Is Microsoft doing a good job of articulating the enterprise features of Windows Phone 8? That is a hard question to answer; but my observation is that Nokia, the main Windows Phone vendor, seems to focus more on consumer features like the camera and music, or general features like maps and turn by turn navigation. Enterprise features are hardly mentioned on the Nokia stand here at Mobile World Congress in Barcelona, while Microsoft does not have a stand at all. On the other hand, you would think that the company’s strong partner ecosystem would be effective in communicating the presence of these features to enterprises.

apple, google, microsoft, mobile, software development, Uncategorized

Power shifts at Mobile World Congress: Samsung rises, Apple absent, Google hidden, Microsoft missing

4 Comments

Mobile World Congress, now under way in Barcelona, is a big event. Exact numbers are not available, but I have heard talk of 70,000 trade attendees; it is not something you can safely ignore if you have a presence in the mobile industry.

image

Nevertheless Apple chooses to ignore it, preferring its own exclusive events. This is a strategy that has worked in the past, but this year it may be less clever. Several have said to me that Apple is falling behind, being too slow to innovate its iOS device family. Of course many here are using Apple devices, but the momentum for now is elsewhere, though one magical announcement could change that any time.

Samsung on the other hand has the biggest stand here (actually several stands) and is everywhere. The underlying story is how Samsung is moving on from being an Android device vendor and focusing on Samsung-specific features. In the consumer world that means hooks into Samsung TVs or its new HomeSync media box with a Terabyte of storage, intended to be the place for all your music and video, as well as enabling Android games in your living room.

The bigger Samsung news though is its enterprise offering, called Knox, which creates a secure, encrypted container on your Samsung smartphone or tablet exclusively for business use. IT admins have full control over access and app deployment. This is the same approach used by Blackberry with the Balance feature in its new Blackberry 10 devices. Knox is implemented by third-parties, and links with Active Directory, making this an attractive proposition for businesses getting to grips with the challenge of mobile device management.

Crucially, Knox works only with Samsung devices. It is based on a secure edition of Linux and includes a hardware element so that other device vendors cannot implement Knox, though they could create their own similar system.

Blackberry on the other hand has not taken a stand at this event. Instead, it has parked itself in a hotel across the road, which its staff informally call Blackberry Towers. The symbolism is unfortunate. Last year it had a big stand; this year it is out of the mainstream. Blackberry’s new devices look good but its key business selling point is Balance, which means it will not be happy about Samsung’s Knox.

Microsoft is a puzzle, as is not uncommon for the company. Via Windows Phone it is a premier sponsor (which I imagine means a ton of cost) but does not have a stand. Windows Phone is mainly represented by Nokia, though it can be glimpsed elsewhere such as on the HTC stand. This is a company that wants to convince us that it is a serious force in mobile? Windows 8 is meant to be a new start on tablets; so where is Surface RT or Surface Pro?

I also wonder if the company has left it too late to establish Windows Phone as the best choice for secure mobility. I have been talking to Centrify here at Mobile World Congress, one of the third-parties implementing Knox solutions. Everything in a Centrify Knox deployment is controlled by Active Directory, and it forms an elegant and secure option for enterprises who want to give employees the freedom of a personal device combined with the security and manageability of a mobile device. I also saw how app developers can query Active Directory attributes on Knox Android devices just as they would with a Windows application.

So where is Microsoft with its enterprise smartphone story? It has all the pieces, including Active Directory itself, Bitlocker for device encryption, and System Center for management, but it has not yet assembled them for Windows Phone.

At least it is better than last year when it ran embarrassing "smoked by Windows Phone" demos.

Google is another puzzle. Last year a huge stand and a hall dedicated to Android; this year, nothing. Android may have won the mobile OS wars, but do initiatives like Knox show how Google is failing to reap the benefits? Possibly. It does seem to me that Google is now engaged in differentiating its own products and services from what you might call generic Android; and its absence from Mobile World Congress is likely part of that effort.

.net, development, professional, software development

Cross-platform frameworks ordered by percentage of shared code

4 Comments

Following my piece on different approaches to building the user interface in cross-platform frameworks, twitter user Sam Hogarth pointed me to the PropertyCross project. This implements a non-trivial application in 8 different cross-platform tools, covering Android, iOS and Windows Phone. Note that only four of the frameworks support Windows Phone.

Using the pie charts presented for each framework, I was able to order them by percentage of shared code as follows:

1= Adobe AIR (100%), JQTouch (100%) , RhoMobile (100%), Sencha Touch (100%)

5. Appcelerator Titanium (around 90%)

6. JQuery Mobile (around 80%)

7. Xamarin (around 40%)

8. Native (0%)

A couple of notes. Of the 100% frameworks, three do not support Windows Phone, and the one which does (Rhomobile) seems to be a bit broken on Windows Phone, judging by the screenshots. The Property Details and Favourites pages do not render properly.

You would get more code sharing with Xamarin if you only supported two rather than three platforms. That is logical: since it does not abstract the GUI.

In most cases (not Rhomobile) it is striking how different Windows Phone appears versus iOS and Android, even with jQuery Mobile which uses HTML5.

image