Sunday, May 10, 2009

Microsoft XP Mode link-dump

MSDump

CC Photo Credit: by Choctopus on Flickr

I’ve been besieged with too many interesting topics and issues these past two weeks.  Way too many links for a borderline OCD geek to digest.

The problem with this is that when an interesting technology swells, sometimes I am unable to climb up and ride it in  Instead I get wiped out and when I finally reach the beach the wave has long since crashed and I’m left with a humongous collection of linkage that serves better as a reference post than I had hoped.

That is the case this time with news that Windows 7 has a neat feature for some supported versions called XP Mode (XPM).

Windows XP Mode is available for Windows 7 Professional, Windows 7 Ultimate and Windows 7 Enterprise customers.

If you want a quick and excellent “how-to” on getting it up and running on your Windows 7 RC installation just pop over to this link.  I guarantee it is the shiznizzle.

It’s got everything you need to know to determine if this is for you, and what steps you should follow to get XPM running on your system.

The rest of this post is just linkage for the tech-heads or sadly curious.

What’s so Exciting Anyway?

Let’s let Rafael Rivera explain it from his Within Windows blog XPM announcement: Secret No More: Revealing Windows XP Mode for Windows 7

XP Mode consists of the Virtual PC-based virtual environment and a fully licensed copy of Windows XP with Service Pack 3 (SP3). It will be made available, for free, to users of Windows 7 Professional, Enterprise, and Ultimate editions via a download from the Microsoft web site. (That is, it will not be included in the box with Windows 7, but is considered an out-of-band update, like Windows Live Essentials.) XPM works much like today’s Virtual PC products, but with one important exception: As with the enterprise-based MED-V (Microsoft Enterprise Desktop Virtualization) product, XPM does not require you to run the virtual environment as a separate Windows desktop. Instead, as you install applications inside the virtual XP environment, they are published to the host (Windows 7) OS as well. (With shortcuts placed in the Start Menu.) That way, users can run Windows XP-based applications (like IE 6) alongside Windows 7 applications under a single desktop.

Basically XPM mode embeds a fully functional XP Pro OS build inside supported Windows 7 OS builds, then wraps it so tightly around that you might not know where the host OS begins and the virtualized XP system ends.  Documents are not stored inside the XP VHD but back on the Windows 7 libraries.  When you launch an application installed inside the XPM VHD, you don’t have to launch XPM first, it happens automagically.

That’s the promise, at least.

If fully delivered, it will be pretty cool and useful for a select class of users.

Supporting XPM: Virtual PC (beta)

Windows Virtual PC home page – Go here to download the Windows Virtual PC beta package specially crafted for Windows 7 systems.  There is not (yet) an updated version for XP/Vista systems. So for you, you must content yourself with the current Virtual PC 2007 release build.

The Windows Virtual PC (beta) features do now include some wonderful virtualization features that VPC has been lacking;

USB support - Users can access USB devices attached to the host directly from virtual Windows XP. These devices include printers and scanners, flash memory/sticks and external hard disks, digital cameras, and more.

Seamless applications - Publish and launch applications installed on Virtual Windows XP directly from the Windows 7 desktop, as if they were installed on the Windows 7 host itself.
Folder integration between host and guest
Folder integration between host and guest

Access your Windows 7 Known Folders: My documents, Pictures, Desktop, Music, and Video, from inside the virtual Windows environment, such as Windows XP Mode.

Clipboard sharing - Cut and paste between your Windows 7 host and any virtual machine.

Printer redirection - Print directly to your attached printer from your seamless application or virtual machine.

While these features aren't remarkable in the world of other virtualization software products...they do seem like a big jump for Virtual PC which seems to have lagged in these areas.

Unfortunately for VPC fans, most of these new features have been offered by other virtualization products such as VMWare and Sun’s VirtualBox.  However it is nice to see that VPC is finally stepping up on these items.

The solutioning contrast between XPM and MED-V v2 is nicely broken down in this How MED-V v2 Helps You Manage Windows XP Mode - Windows for your Business - The Windows Blog team Post.

MED-V is a solution for the enterprise-class IT shops and customer needs. 

XPM is likely going to be picked up by home-using geeks who dabble in virtualization, and small offices and business who have older applications they must continue to use, but want/need to leave XP as a primary OS behind.

Say maybe they’ve got some Access 97 databases/clients and don’t want to mix Office installations.  Or maybe some specially crafted applications that just don’t play well on any system except XP OS.

Why It's a Big Deal (to a select few)

XP Mode is for real: First “Windows Virtual PC” beta accompanies Windows 7 RC – Betanews

Is “XP Mode” in Windows 7 something you’d want to use? – Betanews.   Scott M. Fulton, III drills in on the whole amazing thing about this (besides the W7/XP integration).

Essentially giving away a working XP kernel -- which is what Microsoft has decided to do -- is the company's boldest move toward neutralizing the negative impact of the downward compatibility argument on the operating system. The press materials last week presented by Microsoft did not explicitly specify that both Windows Virtual PC and the XP Mode drop-in (a pre-installed virtual machine) would be free, so even though a Microsoft FAQ for the general public stated they would be, we weren't certain we should report that without direct confirmation.

Over the weekend, Microsoft spokespersons rallied to confirm the licensing situation. Users of Windows 7 Professional, Enterprise, and Ultimate SKUs, a spokesperson confirmed to Betanews Sunday afternoon, will not be charged extra to download either Windows Virtual PC or the XP Mode drop-in. But the downloads will be available "for all customers," the spokesperson added, leaving open the possibility of future fee-based licensing for users of other Win7 SKUs. For now, as is the case with Vista, the Ultimate SKU is the only consumer-grade edition of Win7 that enables the business-class features of the operating system, which also include such things as group policy management.

In case Scott didn’t make that clear, try Ed Bott’s take in his ZDNet Microsoft Report blog post Why all the fuss over XP Mode?.  It’s even more direct:

So why is XP Mode a big deal? It’s not the technology, it’s the licensing. For Windows Vista, Microsoft allows customers running Enterprise edition under a volume license to run up to four virtual machines with the same Windows license (downgrade rights mean the VM can run an earlier version of Windows like XP Professional). Everyone else (yes, I’m looking at the entire small business sector here), you need to buy a separate XP license to run in that VM. That’s a lot of money to pay just to run one incompatible app.

For Windows 7, Microsoft has removed that objection. If you buy Windows 7 Professional, you get the right to download and use a licensed copy of XP, neatly packaged in a VHD and ready to run in the XP Mode environment.

So if you have an Windows 7 Professional, Ultimate, or Enterprise version, you can download, install and use an unrestricted XP Pro build to your heart’s content within Windows 7; at no additional cost.

That’s two, two OS’s for the price of one.

Everyone else will still have to pony up $ for a qualifying XP OS license to run in Virtual PC 2007, or take the XP OS they bought (assuming it qualifies) and they put aside (hopefully if you are Microsoft) and then reuse it inside a virtual system and not on running hardware any longer.  What a bargain!

Issue No. 2

Dwight Silverman did a great roundup review of XPM and some of the key issues related to it.  He nails the second one.

Secret new option in Windows 7? It’s Windows XP! – TechBlog

With this feature, Microsoft clearly hopes to erase business objections to upgrading. If Win7 can run WinXP apps just fine, there are fewer obstacles to Win7 adoption. But this isn't a slam-dunk.

Older machines are not likely to have the horsepower to run Windows XP Mode smoothly. And running virtually - even in a preconfigured virtual machine - adds a layer of complexity both for IT managers and their users.

Not only do you have to have a system beefy enough to support running Windows 7, and an OS version of it that supports XPM, but you have to have the system hardware to support it.  And I suspect that many machines (particularly older desktops and laptops that have been chugging away faithfully on XP since the beginning) just won’t cut it.

XPM requires processor-based virtualization support (Intel and AMD) to be present and enabled on the underlying PC.

OSNews’s Thom Holwerda goes to town on all the exuberant XPM news and feature postings and chides them a bit on leaving out the important details of this hardware requirement: Teacup, Meet Storm, pt. II: XPM and Intel Support.

And for non-geeks looking to upgrade their home/office systems to take advantage of Windows 7 and all the bells and whistles it offers, choosing the correct processor for the job can be daunting, as Ed Bott recounts in his ZDNet Microsoft Report blog post How many Intel CPUs will fail the XP Mode test in Windows 7?

…three years later, it appears to be time for the “Vista Capable” sequel. How much positive Windows 7 buzz will be wiped out in coming weeks and months when consumers and business buyers discover that a heavily hyped new Windows 7 feature, XP Mode, won’t work on some Intel-based products? The problem is caused by the Byzantine way Intel packages its CPU technology—adding, removing, and tweaking features like bus speed and cache size to hit the widest variety of price points for PC makers.

The new Windows Virtual PC (now available as a beta release for the Windows 7 Release Candidate) requires hardware-assisted virtualization. For your PC to run XP Mode in Windows 7, the CPU has to support Intel Virtualization Technology (Intel VT) or AMD Virtualization (AMD-V), and this support has to be enabled in the BIOS.

In the case of Intel’s phenomenally confusing product matrix, VT support is added and removed from CPU models for reasons that have more to do with marketing than technology. You can’t necessarily tell from the model number whether VT support is present or not. If you buy a brand-new PC and pick the wrong CPU, Windows Virtual PC won’t be able to host the virtual machine that powers XP Mode. And spending more money can actually hurt you in some configurations.

The Register’s Tim Anderson had to bang around in the BIOS a bit to get their fairly recent system’s hardware-based virtualization support engaged and running before getting XPM up and running

Windows 7’s XP Mode - Virtually worth the effort • The Register

Windows XP Mode requires hardware virtualization support from your CPU, either AMD Virtualization (AMD-V) or Intel Virtualization Technology (Intel-VT). Two snags: first, most PCs which support this have it disabled by default, and second, there are plenty of boxes out there that do not support it at all, including those based on current Intel Celeron, Pentium, and some Core 2 Duo CPUs.”

His issues and victories are good reading so be prepared for some bumps along the way with the installation process.

Does it Float Virtualize?

The easiest way to see if you already have the juice on your system to run XPM mode (hardware wise) is to download the free SecurAble utility from GRC.  It will tell you if your laptop/desktop will support 32-bit or 64 bit OS’s, hardware-base DEP protection features, and finally, hardware-based virtualization support.

It’s a tiny EXE file so it is easy to stick on your USB stick and test different systems quickly around your shop/business/home.

image

(in which with the help of GCR’s SecurAble utility and Moe maid Mio’s energy beam, we find the Valca Gateway laptop is ready for Windows 7 64-bit and XPM mode assimilation)

On the other hand, if you don’t already have the system in front of you and are doing pre-homework before purchase, you have your work cut out for you, as Ed Bott found out and documented in detail.

Some sites you might want to check in at:

Be prepared for confusion.

Issue No. 3

It’s a doozie: Security of the virtualized XPM system.

I’ve not seen much discussion on how the virtualized XP system is to be secured.  Will it require the XP virtualized firewall to be enabled?  Will the host AV/AM software sufficiently protect it?  Or will everyone have to run additional AV/AM software inside of the XPM wrapper?  Will the XPM OS need to keep its patches updated?  Probably so.  What happens when a critical OS fault is encountered by Virtual PC from inside the XPM system.  A virtual BSOD? It can happen! I’ve seen it.  How about recovering after a bombed XPM system?  Will XPM host system restore features?  Or will you have to do all your building?  How does user and system security get managed (just like any other OS)?  Does it adopt the host permissions wrapper?

It supports and can use earlier release versions of Internet Explorer, you know, the less-secure ones?  If a user is browsing around in XPM with IE8 and hits a drive-by malware dropper site, the Windows 7 host might remain insulated to a large degree (I hope) but the XPM system and all the user’s critical data/applications might get hosed.  I mean, I can’t imagine most businesses wanting to take the time and effort to set up and support XPM on a system unless it really was “mission-critical”.  So security of that XPM system is all the more important.

The questions can roll on for quite a while, but if it is a true XP OS embedded inside Windows 7, it seems to me at this stage that all the headaches and work that goes along with any other XP OS comes along with XP Mode usage.

Rafael Rivera (and others) will no doubt be exploring and expanding these concerns and issues in the months ahead of the Virtual PC for Windows 7 and Windows 7 RTM releases.  But consider this that Rafael posted: Windows XP Mode Internals - Part 1 (Overview) - Within Windows.

XPM comes in two parts – The VHD package – containing a preinstalled, shrink-wrapped copy of Windows XP with SP3 — and an optional Windows update (KB958559) that deploys a variant of the upcoming Virtual PC 7 (VPC) product. After installation, your XPM installation folder will contain an expanded VHD, a text file containing the product key, and some random words in license agreement form.

If there is a VHD (Microsoft Virtual Hard Drive) file, and if there is an XP OS in in, then unless great care is given, there is a virtual pitre-dish ready and waiting for malicious code-based pathogens to grow and multiply comfortably within.

There’s even more.

Suppose for some reason law-enforcement or corporate IT incident response is marshaled against a user with such a system.  Not only will they they need to assess the host system and drive contents, but then they will need to dive into the VHD OS system as well and examine that drive-within-a-drive for additional evidence.

Just one more thing to be on the look-out for in incident response cases!

Whew.

Going Behind the Emerald Curtain of XPM

For an even deeper assessment of the technologies used by XPM, Virtual PC, and the Windows 7 host, you would do well to read these excellent posts by Rafael Rivera:

Windows XP Mode Internals - Part 1 (Overview) - Within Windows – Covers the installation and hooking process that gets all these pieces aligned and synchronizing correctly.

Windows XP Mode Internals – Part 2 (Application Publishing Magic) - Within Windows – Some even more (brief) details on how the interaction between the host and client systems occur, as well as a curious limitation of XPM mode:

XPM eliminates the publishing step in the traditional Terminal Services model by incorporating monitoring logic within the Virtual Machine Services components installed on Windows XP for you, at first run. This component, amongst other things, monitors the (All Users) Start Menu for shortcut additions and deletions. For example, after detecting an added shortcut XPM adds the application to the Remote Applications white-list, nabs its icon, and performs some other internal house keeping tasks before passing the baton to the host operating system for addition to the Virtual Applications list in the Start Menu.

…one of the (current?) limitations with XPM (as a result of client Terminal Server licensing) is that only one user or channel can be open at any given time. This means you cannot execute Internet Explorer 6 while running maintenance tasks within the virtual machine, like installing updates from Windows Update. For the tinker tots, however, you may want to patch the Windows XP guest to allow simultaneous RDP sessions.

So it appears that either by design or circumstance of architecture, there may be limits to the number of things you can do within XPM at any given time.  For non-technical users who were set up with a XPM configuration, this could cause some headaches for the IT staff when stuff doesn’t work the way it should from time to time.  (Is that an additional process you’ve got running there or are you just unhappy to see me?)

Rafael’s post I’ve referenced above does include a nicely illustrated Flash video showing just that issue.

Do I even need XP Mode?

Short answer?

Probably not.

And you don’t need to feel bad about it anyway.

Remember, even out of the gate, many users will be excluded from XP Mode operations by the fact their Windows 7 OS builds won’t support it.  Only Windows 7 Professional, Ultimate, and Enterprise builds will allow it.  Then you have to have the hardware to install it.  Then you have to take the time to install it, configure it, and get your XP applications running within it.

That’s a lot of work to get your app running.

For most folks, Microsoft already has been delivering a (usually) acceptable solution since XP and now in Vista.

It’s called Application/Program Compatibility Mode.

Windows XP Application Compatibility Technologies – Microsoft TechNet

Introduction

In general, applications are highly optimized for a specific operating system or operating system version. Application compatibility problems can arise when users try to run their favorite programs on a newer version of the Microsoft Windows® operating system, for example, than the one for which the application was originally written. This may be especially true when migrating many older applications to Windows XP, because it is built upon the foundation of Windows NT® and Windows 2000, and not the consumer-oriented line of operating systems (Windows 95, Windows 98, and Windows Millennium Edition).

Because Windows NT and Windows 2000 are business operating systems, many application developers with the home user in mind have chosen to write their programs solely for Windows 95 and its successors. Accordingly, migrating these applications to Windows XP must take into account the differences in the respective operating system application programming interfaces (APIs). Some of these differences are due to the new features of Windows XP, but some are due to the more stringent programming requirements of the Windows NT code base.

Applications that worked on earlier versions of Windows may fail to function properly on Windows XP for a variety of reasons—an application may expect older formats of Windows data, or it may expect user information, such as that in personal and temporary folders, to be in specific locations or formats. Problems such as these mostly apply to applications written for Windows 95, Windows 98, or Windows Me, but some applications written for Windows NT or Windows 2000 may also be affected.

To solve this problem and so enable a better user experience with legacy applications, Microsoft has integrated application compatibility technologies into Windows XP that come into play whenever an application is installed on the operating system, whether in the course of a system upgrade or during regular operations. This article first describes these technologies in detail and then outlines how they can be used and extended, in particular with the supplemental tools available in the Application Compatibility Toolkit.

The rest of the page goes into great technical detail on the technologies and methods that run and control this feature.

Knock yourself out there tiger!

Otherwise, hop down to these links for the end-user version on this feature that you may or may not already be familiar with.

How to Use Windows Application Compatibility Mode – Microsoft TechNet

How to use Windows Program Compatibility mode in Windows XP – Microsoft Help and Support ID 292533

How do I use the Compatibility tab in Windows Vista? -- TechRepublic.com

Make older programs run in this version of Windows - Windows Vista Help

Get IT Done: Make legacy applications feel at home in Windows XP -- TechRepublic.com

Program Compatibility Features and Resulting Internet Communication in Windows Vista – Microsoft TechNet

And to great delight for all those Windows 7 users who don’t have the hardware to run XPM or have a qualifying OS version, take hart, Compatibility Mode is still alive and will in Windows 7.

Compatibility Mode - Windows 7 Forums

Lots of pictures on that one!

The Bottom Lines for XPM and Windows 7

So why even bother with XPM mode for Windows 7 and all the extra headroom it requires and the security and management/support issues it brings with it?

Well, some old-school applications just won’t work under Windows 7 (or Vista) in compatibility mode. They require certain rights or DLL’s or services or permissions or system structures that Windows 7/Vista just cannot or no longer will provide.  In these circumstances, Application Compatibility Mode just isn’t going to work/help what-so-ever.

And for the big-shot, enterprise level deployments, the IT shops are going to find XPM amusing and curious, but their resources and energies will be spend deploying enterprise-based MED-V (Microsoft Enterprise Desktop Virtualization) products.

So you can either stay running XP and fall further behind on the Microsoft support cycle, you can ditch your application/databases that just won’t run any other way on Vista/Windows7, or your can either purchase an XP licenses and set up a Virtual PC 2007 VHD to run it in (for Vista or XPM unsupported Win7 OS’s), or you can drink the cool-aid and belly up to the XPM saloon.

All this long post to say this,

You’ve got options for backward-compatibility in Windows 7 (and Vista) my friend.

And though they might bring a measure of headaches, they are also slick and sexy; in a geeky way.

Enough said for now.

I’m sure there will be even more as time wears on.

--Claus V.

Bonus Linkage – because one truck-load is never enough….:

You know me, I can’t leave a Web-rabbit unlinked.

Here are a few more resources and blogs related to MED-V technologies and solutions.

Claus Out!

No comments:

Post a Comment