Monday, 5 January 2009

Windows 7 HomeGroups

Over the break, Microsoft's Windows 7 engineering group came out with a really thoughtful post about how people use computers at home and developed the concept of the HomeGroup.

Essentially, it comes down to the fact that most people in a house know each other and are happy to share resources, be it media, data, files, printers with each other, and that it should be easy for people to join a home group. Also as people are happy to share security within the group does not have to be as restrictive a model as outside - the consenting adults concept.

And certainly that's the way we work at home. We share computers, we share printers, we bring home office computers, shuffle data back and forth between them, and we're happy to let Mandy, Judi's niece, use our bandwidth and our printers when she comes to house sit. Crucially we don't expect to share our data with her or her to share herr data with us.

Microsoft being Microsoft, of course view it as something specific to the Windows 7 world and probably as a marketing proposition. Given that windows operating systems probably run on 95% of all home machines probably and Microsoft would like users to upgrade to Windows 7 that's probably a fairly justifiable approach.

We, of course, are part of the other 5% at home, Linux and OS X, although Judi has a school XP based laptop, and Mandy has a noname XP laptop. And there's the rub, firstly not everybody runs windows 7 (or indeed any Windows OS) or will want to upgrade. After all if you've a noname laptop that works for you why would you? You use it for your life and when it's too old or too slow you go and buy another newer one from Officeworks or JB Hi-Fi.

So the home group concept needs to be extended a little. It needs to be multiplatform and easy to give people differential access. Essentially we need an internet fridge or other appliance that machines (not people) authenticate to when they connect to your home network.

Why machines?

People share machines, and a surprising number of people don't put passwords or anything on their home machines - just auto log in and go.

So think of our house - we want all our machines to access printers and any file services we have running. We want our work machines to access our printers when they come home but that's about it. Much the same for Mandy. We do not however want the kid over the back to access our printers, or indeed anything else. We want a home gatekeeper that knows about machines and if they can access printers or mount file services.

Autoconfiguration is probably tricky, but going to a single web page and setting options much as one does with a home router can be made sufficiently simple that it's easy to have machines configured to mount devices when they're at home but not when they're not, by using the network locale to 'know' where a machine is. After all Mandy's machine might be a member of two or three home groups, ours, her share house, her boyfriend's share house ...

2 comments:

clune.org said...

The basic tech for this is there already: 802.1x for the machine auth and bonjour/wpad for the auto-discovery

dgm said...

The building blocks are there, essentially we are talking about an enhanced version of SLP (or Avahi, Bonjour etc) that can deal with differential access levels and an easy mechnism for the user to set up access control lists