"Other security settings" is the place to go if you want to switch off User Account Control or change your internet security settings - closely tied in with Internet Explorer 7. This also benefits from an optional phishing filter, which checks sites you're visiting against blacklists, as well as forcing windows to display an address bar, so you can always tell where you really are. It also runs in the new Protected Mode (not available in the XP version of IE7), effectively denying the browser access to your files and the Registry.
Parental controls are another nifty new feature. Much like the current crop of internet security suites, these allow you to control the amount of time users can browse, the sites they can visit, which games they can run (for example, by age rating) and which other programs they can run too - such as blocking instant messenger apps.
The final notable inclusion is BitLocker drive encryption, which is only included in the Ultimate and Enterprise editions. It can either use a TPM (Trusted Platform Module) built onto a motherboard or, via a more convoluted process, a USB thumb drive. There's little to lose by opting for the former (performance is barely affected), but the possibility of the thumb drive being lost or failing leaves us uneasy about recommending the latter.
These changes are all broadly welcome, but we do have issues with the clarity of some. UAC, in particular, adds to the existing barrage of panicky dialogs from browsers, installers and Windows itself. Often, there's little indication of what process has prompted them, and even less information about what to do.
It's also currently impossible to be definitive about how secure Vista will be. Microsoft's attempts to bait the hacking community have so far been largely academic - the serious test will be when there's money to be made from exploiting it. The other issue is that "user error" is by far the biggest problem when it comes to security - opening unsolicited attachments, downloading dubious "utilities" and clicking "run" when you know you shouldn't. UAC and Standard accounts put up barriers, but it's disappointing that people aren't steered into using a Standard account day-to-day rather than an Administrator.
The Backup Center
The ancient backup utility in Windows XP was functional, but hidden away and not particularly easy to use. It's been completely replaced by a new Backup wizard, which will allow you to back up individual drives, directories or file types on a schedule. Although it hasn't proved entirely robust in our testing - it's easily confused by the power being cut to a removable drive, and occasionally reports errors that aren't actually true - we expect these bugs to be fixed.
It's certainly a big step in the right direction, but there are some limitations. There's next to no granularity in which files or locations are backed up (all or nothing of Documents, for example), and it also insists on backing up your system drive. Different versions also offer varying levels of support, with only the Ultimate edition supporting the new image-based Complete PC Backup - this is a key feature that really should be rolled out across all versions.
The Shadow Copy feature from Windows Server 2003 makes its way into the Ultimate and Business editions, in the form of Previous Version. Every time a file or folder is changed, a backup copy is stored, allowing you to revert back in case of emergency. Accessed via the Properties dialog, it isn't terribly user-friendly (there's no Preview option, for example), but should nonetheless be welcomed by businesses.
The 64-bit question
When you buy any edition of Vista, you'll actually receive two versions on separate DVDs: the standard 32-bit version and the 64-bit or "x64" version. While it may seem that the 64-bit version is inherently better, for the vast majority of home users the 32-bit option is far preferable.
In theory, 64-bit Vista allows for a higher specification PC by allowing - in the case of the Ultimate edition - up to 128GB of system RAM if you have a 64-bit-capable processor such as an AMD Athlon 64 or Intel Core 2 Duo. In practice, that's a moot point for all but a tiny percentage of present-day PC users. As it is, all 32-bit versions of Vista will allow for up to 4GB of RAM, which will be more than sufficient for several years to come.
Once everyday applications do start hitting the 4GB limit, hardware and software manufacturers will naturally move to developing 64-bit hardware drivers (these need to be custom written) and applications as a preference. For now and the medium term, though, manufacturers will concentrate on producing 32-bit-compatible products first and 64-bit compatibility will come a distant second. Believe it or not, there's still a significant amount of 16-bit software around too, particularly in things such as installation routines. Vista x64 won't run 16-bit code at all, and many of 32-bit Vista's legacy application compatibility features also aren't present in x64, so many older applications will be incompatible.
In addition, the x64 edition doesn't allow "unsigned" device drivers to be installed and run - they all need to be approved and digitally certified by Microsoft. Many drivers aren't signed, particularly for low-price hardware, because the certification process costs time and money. For mission-critical servers and workstations, the refusal of x64 to accept unsigned drivers is a good thing, since the majority of unrecoverable OS crashes occur due to errant drivers. But for the average home user, it means that many device drivers for everyday hardware - your low-end but perfectly usable scanner, for instance - will refuse to install on x64.