Started a new job, with Windows 11. notepad.exe now takes 3 to 4 seconds to load on my work system... (even after closing the last tab and reopening the program).
Hah, it even has in-app purchases, for AI writing...
Started a new job, with Windows 11. notepad.exe now takes 3 to 4 seconds to load on my work system... (even after closing the last tab and reopening the program).
Hah, it even has in-app purchases, for AI writing...
As slow as Windows is (very), once you start adding the corporate security tools on top of it (Crowdstrike) and have to deal with a slow and buggy corporate DNS system, it just becomes unusable.
The only way I can do anything timely now is through WSL.
Yeah, I'm worried about the day when infosec turns it's eye toward WSL. So far they have turned a blind eye, but just wait until someone cooks up an exploit targeting WSL...
In my experience they just block it in corporate environments.
They don't explicitly block it in my org, but connecting to VPN while it's running breaks the networking inside WSL.
Sometimes it is routed from the VPN, sometimes it is DNS, sometimes it just needs a restart. I'm not sure if that situation has improved. There were some workarounds at one point.
It's "just" a Hyper-V VM with some extra drivers to talk to the sibling VM. There isn't much special about it that should worry you too much.
Well, I'd like to tell security that
True, those things make Windows unusable. They also make the Mac worse, but not so much worse that it isn’t an absolute breath of fresh air compared to any corporate provided Windows device.
> The only way I can do anything timely now is through WSL.
There's your mistake, if do it faster, you're going to get more work assigned. If you do it as Windows speed you get to do less work. Same money.
Yeh. The unix VNC session I connect to is snappier than the client host it is running on.
[dead]
It's sad. Further compounding the problem like siblings have said is enterprise security stack stuff - EDRs/XDRs, app control, firewalls, productivity police nonsense.
The second thing is that enterprises typically don't have someone fighting for the desktop UX to remain usable when PC fleets go up for purchase - pick the cheapest toilet paper is often the strategy of the day. Now you have a PC that hits a bargain price point that seemed attractive on some analysis to the CFO, it's been saddled with security software that saps 50% of the limited performance to begin with.
Lot's of enterprises are enabling whitelisting of apps launching using some sort of tooling - I think Microsoft provides one, and CrowdStrike etc. It's likely the delay involves a call to a backend application or even sometimes a web server. This would be on top of real-time scanning of every file before it's opened.
Yes, it's usually a filter driver that delays execution until something like a hash is checked or other rules evaluate. Some products hash every interesting/executable file on the PC. They're powerful tools but can be extremely performance-sapping.
Microsoft has AppLocker (since Win7, I think). If you give it a curated whitelist it's actually quite alright and manages well via GPO. (until you manage to lock yourself out ;) Much less overhead than any 3rd party tool that hooks the kernel.
True ... my company recently started deploying endpoint protection like crowdstrike, beyondtrust, zscalet onto our macs and these have slowed my machine considerably. They somehow spike the CPU just when I am doing something important.
Those are basically spyware hooked to every system call.
Microslop at its best.
I’m struggling to understand what their end goal is. How much can you half ass everything until your entire company becomes just a nuisance.
Big assumption there that they even have an end goal.
Given that making Windows' market share is more or less impossible to make any bigger at this point (every human on earth has used Windows in some capacity by this point; there are no new markets to expand to, the only option left is to not bleed old users, but that requires significant effort and a good strategy), they've opted to not really bother with Windows and shifted focus completely, leaving Windows out to dry, resulting in this and gestures vaguely at Windows 11 and everything else Windows.
I have had the same thought for years. I guess their monopoly makes them able not to care about quality (and does not depend on it).
A big decision maker, before signing a big contract, will look at the budget and won't care about how good is the UX.
At some point I assume somebody had to explain why the start menu is 40-50 times slower than previous releases. Or they simply vibe-code something and ship it not caring what they created.
At thsi point i think the current goal is the annoy the tiny ants in the consumer market who complain and are a nuisance , but don’t make them much money compared is the big boys in the enterprise world.
I can't even start notepad.exe since upgrading to 11. It complains about a missing DLL. I'm only down to a few pieces of daily-driver software that I absolutely need a non-VM Windows installation for. Once I migrate from those, it'll be a full switch to Linux for me. I've hated Microsoft with a passion for far too long
Sounds like something is wrong with your system.
My work machine runs Windows 11 and it's fully up to date. Notepad starts pretty much instantly.
At my last job I was responsible for 70 windows 11 machines. At my current job it’s 20. These are i7/i9 spec with 64+GB memory and NVMe drives. No endpoint management software, just Intune for device registration.
They all have _very significant _ performance issues out of the box, with very long app startups, and very confusing slowdowns. I am 99% sure it’s windows defender doing an absolute crap ton of work on every single file open, and ignoring file and folder exclusions.
I know IT people often aren't given the time to dig into this stuff, but xperf and event tracing should reveal the culprit fairly quickly.
The best resource for this kind of stuff is Bruce Dawson's blog:
https://randomascii.wordpress.com/2015/09/24/etw-central/
I'm not IT, I'm' just the senior most engineer in a game studio. Ive got WPA captures that point to windows defender, even with processes and folders excluded. But I have literally no idea what to do with those traces, hence my 99% conviction.
If it is mostly your own tooling you may want to look at setting up a dev drive. It is supposed to be more optimized around workloads that would normally spin stuff like defender off the rails.
I need to write the blog post. I keep being told this, and it’s not the solution.
After a reboot, on an NVMe dev drive with no disk encryption, first launch of our internal application (unreal editor) takes 9 minutes on my workstation. If I disable windows defender before launching it, it takes 30 seconds. If I add all the processes as exclusions, and add the workspace folder as an exclusion to defender… 9 minutes.
edit:
I didn't mean to direct this at you. I mean that it's somehow gained traction as being the solution to slow filesystem access, but the reality is it's just broken.
If it's that bad, why not just disable it?
Enterprise versions are tamper-protected.
Can you not dual boot into something else and delete the executable?
Disk encryption is also mandated in most enterprises.
I do not mean to patronize, it's just the enterprise-y stuff has tried locking down the PCs for exactly this reason - deleting the security tools when they're not loaded would be of course very effective.
On top of that, showing such motivation can expose people to violating the 782 commandments of whatever corporate IT policy someone had to sign to get a paycheck.
Rare is the security vs usability compromise in these companies that accounts for the need for high performance desktops, sadly.
I replied above but basically we still need something; some people are just incapable of not making a total mess and they will literally go to Trojan.com and install dangerous.msi, ignore all the optional dismissible pop ups that say this is bad, and then still drop me a DM that the cracked plugin they got for maya to try out before asking to spend $8 isn’t working…
If there’s a middle ground I’d love to hear it!
Couldn't you disable on a per-user basis? Everyone shouldn't be punished just because a few people can't be careful with their stuff.
The person mentioned is a special case but the reality is that most people do need _something_. What happens if one trusted person makes a mistake and submits an exe to perforce? Now absolutely everyone is hosed.
Why would everyone be hosed just because a binary got committed to version control? Either way, surely you can set up some policies or monitoring for that sort of thing.
I don't know, I've been developing on Windows for decades without an antivirus and I've never had these issues. Are your people downloading and installing random software all the time? In my experience, once I'm set up with my usual tools I rarely need to install anything else.
Eugh. Well, whatever. Not like it makes any difference to the employee. They get paid whether they're waiting for the computer to finish spinning or doing useful work.
We’re spending $4-8000 on these machines to try and offset these problems.
The problem is that there’s 100 of these “little” issues - and I have a full time job that _isnt_ doing IT support. If someone can help me find an IT support contractor that I can hire that will fix it I’d love to chat to them, but it goes in the pile alongside “why on earth does teams take longer to boot than my entire machine” and “why are we using zoom (because the person who makes the decision there prefers zoom to teams”)
I am the enterprise here. We enforce it on because the alternative is worse.
Because the alternative is worse - no protection. Because we have everything in Intune we get the per device scan reports (I lied - we do enforce _some_ stuff as a group policy. We disable turning off certain features and we manage the windows update cadence) and thrrr have been multiple people who still need it… it’s generally non tech people who just download the absolute worst crap imaginable and ignore all the bypassable warnings too.
The best demonstration of the delay is typing Calc in the Win+R Run dialog. There's a difference between instant and "way faster than Word".
On Windows 7, you could hit enter and immediately start typing numbers and it would work. I have never worked on a Windows 10 or 11 machine where it launches instantly.
I get a similar lag when launching Notepad. Not a huge disruption to the day, but annoying to see on a simple utility that used to be better.
That one is a little slower for me too - about 700 ms (it's a difficult thing to time with a stopwatch).
The iOS app "Is it snappy?" Is great for things like this.
That's really cool and what a great idea. Thanks for the recommendation.
in windows 11 i launch calc from win+r and it opens right when i hit enter. the delay is not from the launch dialog/OS but from the app (i use windows 7 calculator, i've replaced it because i don't like win 10+ calc design)
Just give her a little of the ole "works on my machine."
To everyone reading this, Win 11 Notepad CAN BE UNINSTALLED.
Old one lives in c:/windows/notepad.exe which you can open with Win+R, type notepad to open good old non-slop non-ai notpead. Or do some registry shenanigans (you can find them online) to bring that one in start menu or make it a default editor.
That's nothing. He have Surface Pro laptops, and of course it has Copilot built in. I tried to open an app by typing in a search. On versions without Copilot turned on, instantly finds the app. On a Surface Pro, takes a good 20-30 seconds for it even start the search.
Complete rubbish. Not a single person in the organisation likes the new Outlook.
The amount of applications on the average consumer's laptop is such a tiny space to search over that there really is no excuse for this being anything other than instant.
iOS and macOS suffer this too, it's like I open search and the operating system awakes from a hangover and makes sure it's wearing pants first
Tip: Spotlight searches through all data and can be slow, but there's a separate App Library search that only searches the app names and it's instant.
One of the first things I do on any Mac device is to disable Spotlight, install and bind Alfred to Cmd-Space, and then change Finder's preferences so that Cmd-F searches the current directory.
iOS and macOS aren't even close to the awfulness of search on Windows.
Although they have just rewritten it so there must have been some problems with it.