Vista Security — Too Little Too Late 483
Thomas Greene of The Register has a fairly comprehensive review of Vista and IE7 user security measures. The verdict is: better but not adequate, and mostly an attempt to shift blame onto the user when things go wrong. From the review: "[Vista is] a slightly more secure version than XP SP2. There are good features, and there are good ideas, but they've been implemented badly. The old problems never go away: too many networking services enabled by default; too many owners running their boxes as admins and downloading every bit of malware they can get their hands on."
Vista security is.. (Score:5, Insightful)
And it is the first thing to be disabled for sure.
Re:Vista security is.. (Score:5, Insightful)
Alas... I think it is asking for everything, therefore asking for nothing. An automatic OK is just as bad as no confirmation asked. Even worse, IMHO.
Re: (Score:2, Interesting)
Sounds like perhaps, they didn't do the most obvious thing, and kill ActiveX. There is absofuckinglutely no reason for a web page to execute native code. I'd say use C#, but from what I understand they didn't properly sandbox that for the web either. If we could at least get through to the web designer community, that might help. No respectable web site should use ActiveX. Period.
Such an old joke, yet you failed to get it right (Score:3, Funny)
On every old webpage.
Re: (Score:3, Insightful)
So now you understand why MS didn't drop ActiveX, and therefore why all the talk about improved security is marketing claptrap.
When you've got an entire country locked-in to your product, and countless smaller organizations too, you don't throw away the padlock during the upgrade.
The OS that cried "wolf!" (Score:4, Insightful)
This is exactly what Vista security is.
My main problem with Vista security is that it is an OS that cries wolf. When I installed Vista, I had to click no less than 50 security confirmation dialog boxes (it's important to note that these were security dialog boxes) within the first hour or so in order to do simple, stupid stuff that clearly should not have needed confirmation. Stuff like changing my desktop background. Stuff like moving some documents around on a removable hard drive. Stuff like copying a line of text from an IE7 edit box. Stuff like pasting that line of text into a different IE7 edit box. Stuff like creating a new text file on my removable hard drive. And so on, and so on, ad nauseum.
This isn't security. This is constant aggravation, and yes, I cannot imagine any normal user calling their geek friend after five minutes and saying, "How do I turn this damn thing off?" Even if they don't, they "mentally" disable it by simply clicking Allow without thinking. Hell, I'm a computer expert, and I did it. "You are installing the pwnzj00 virus." Allow. "You are sending your bank account numbers to Nigeria." Allow, allow, allow, dammit! Leave me alone!
I try to give Microsoft the benefit of a doubt. I'm not a zealot or a Microsoft basher, seriously. I think they've put out some good software, but on this point, I have to agree with the folks who are saying that Microsoft isn't serious about security, they're simply trying to push the blame for when things go wrong onto the users.
There's no way in hell that they could have conducted any usability tests and found the currently scheme acceptable. But they still let it out the door, most likely to meet some sort of artificial management deadline to keep the OS from shipping any later than it already had.
So now, we've gone from OSes that never alert you to potential security risks to an OS that is even worse because it alerts you to everything, security risk or not.
I'll be interested to see how Microsoft tries to fix this mess, both from a technical standpoint and a PR standpoint.
What you said, except more amusing (Score:5, Interesting)
Re: (Score:3, Interesting)
"You want to write a file to a directory you don't have permission to use. Please log in as an administrator to do so. Otherwise, fuck off."
Of course in OSX you could just SU and go ahead and write that damn file wherever you please. Wait, that seems a little familiar...
On a side note, since you brought up Apple's ads, I'd like to discuss the difference between Apple's ads and Micro
You're absolutely right (Score:5, Funny)
Re:The OS that cried "wolf!" (Score:5, Insightful)
Re: (Score:3, Insightful)
That's where I stopped reading. If you are going to lie at least come up with credible lies. At no point does Vista UAC pop up while changing your background. Even in early beta it did not do what you describe.
Re: (Score:3, Informative)
Re:The OS that cried "wolf!" (Score:4, Informative)
Re: (Score:3, Interesting)
As I offered in another reply to one of your weird posts, you figure out a way to set up escrow, and I'll take you up on that.
I can show you my receipt, if you want me to. In fact, if you're willing to give me what I paid for it, I'll be more than willing to sell you my copy. (Not an OEM or upgrade, so the license is freely transferable.) Although, honestly,
The whole concept is wrong! (Score:3, Insightful)
Try to run win XP and see if you can get along with it without root permissions for one day.
The programmers concept for windows is just wrong! you can not require root privileges to run Acrobat Reader, Adobe Photoshop or who knows what
For that matter, try to get along with regular user on Linux, you'll be able to do so (and you'll stay of-course), why? cause Linux was built in as Multi user OS, un-like Windows in which
Re: (Score:3, Informative)
I have always had problems trying to install RPMs or DEBs on any linux distribution
Require administrator access/require workaround (Score:3, Informative)
Windows non-administrator LUA/UAC advice, tips and tricks [msdn.com].
Re:Vista security is.. (Score:5, Insightful)
My sarcasm detector is a little wonky today, so I apologize in advance if that's what that comment was. Otherwise...
Did you RTFA? If you did, it vehemently disagrees with what you said.
(emphasis mine)
Re: (Score:2)
With my first sentence, I meant that the GP post was wrong in saying that UAC is the only security feature in Vista.
Re:Vista security is.. (Score:5, Insightful)
Here is a little tidbit to shock you...
The vast majority of users that use a computer don't really know anything about computers and they shouldn't have to!!! If a computer is operating correctly they shouldn't even have to think about their computer. They should be thinking about their task at hand. They shouldn't even want to "know about computers" because if they did they would have different jobs. (A lot of "computer people" can't get it through their heads that the users shouldn't have to know much about computers and if they all did the "computer people" would be mostly out of jobs.)
The very first example of MS's real conceptual problem with computer security is showcased by the first thing you see when you start up the computer. Let me ask you: What do you need to know to get into a computer? A username and a password. So MS's idea of increased security is to hand you a list of all the usernames on a platter so you can skip past the "find a valid username" step and go straight to the "lets find the user with a weak password" step. I haven't even been able find a way to force a 'classic' text login. We are 'clicking' our way into the pits of hell.
Right after XP came out Mr. Bill public stated that "the next version of Windows will not be an Operating System. It will be a Digital Rights Management Platform." He said it in public and everyone seems to have forgotten it. Why would anyone PAY for a system that's only reason for existence is to inhibit the user's actions? Bill is a master at knowing which way people will jump. (That is the only thing he is really brilliant at.) He knows that people won't rush out and buy a DRM/Platform so he has to sell it as something different. It is pretty easy to do too. People (are Raccoons. Give them something shiney and their eyes glaze over and they will clutch it with both hands and won't let go. Vista has every bright and shiny go-ga that MS could throw in. Will Vista be a "success"? Of course! The Raccoons will demand their bright/shiny (pointless) 'upgrades' because how can we live without a computer that will use video as a desktop image. (I think that running the movie Idiocracy as a desktop would be perfect!)
BTW - Has anyone figured out a hack to force an old style text login? I might even mod your posts up if you find a solution and share it!
Re: (Score:3, Insightful)
Vista Security -- Too Little Too Late.... (Score:2, Funny)
Re:Vista Security -- Too Little Too Late.... (Score:5, Funny)
Cancel or Allow.
Re:Vista Security -- Too Little Too Late.... (Score:5, Funny)
Re: (Score:3, Funny)
Cancel or Allow.
Uhm... Retry?
Re: (Score:3)
You are in the right place for that. (Score:2, Insightful)
The only story I want to hear about Vista security is what it fixes. We already know what Microsoft broke.
I've been telling you for years and I'll tell you again. The fix is:
Diversity is the only solution to internet security. The user gains immediate security in the short term. The community gains security in the long term as weak platforms are eliminated and can no longer be used to attack strong ones. Everyone wins when the monoculture ends. Free softwar
Re: (Score:2)
Re: (Score:2)
fix
And now that I've done my douche-bag move for the day, I can rest easy till tomorrow.
dear lord... (Score:4, Insightful)
User security, is like car safety. It's nice to design for "in case shit happens" but if you drive like a lunatic, you're likely to get hurt.
I think a large part of security involves the self. People don't do enough thinking, and are too lazy to follow simple security procedures. No automated tool or system, that allows some freedoms can protect people entirely. Think about it, the OS'es solution to malware? Only allow MSFT signed binaries to run. But this is horrible as it means only MSFT can authorize binaries and it cuts out 3rd party developers.
At some point the users themselves have to stop and learn how to use their computers properly, if they want to use them. If they're too lazy to figure it out, *and* demand security, they should not use a computer.
Of course it's largely MSFT's fault for breeding a culture of contempt for knowledge. Oh look it's so easy anyone can use it with zero training.
Imagine if MSFT made automobiles (but with the a yolk instead of a wheel/pedals, and other "standard improvements"). No training required!
Tom
Re: (Score:2, Insightful)
Good idea. Let's lobby for mandatory computer licenses, with proper training and a test. People won't be allowed to use a computer unless they have a license.
This plan is sure to succeed.
Re:dear lord... (Score:4, Interesting)
I don't think you can simultaneously pull on the resources of society when you fall victim to fraud, malware, or viruses (e.g. turned into a bot), and then reject learning how the tools work. Why should I pay interest rates, taxes, and other socially collected fees [ISP rates for instance] to cover for people who willing put themselves into harms way?
I never said we should have licenses though, you're putting words into my post (nice AC troll-fu btw). I just think society would be better served if as a whole, people had the first slightest clue about computers.
And it's not like the majority of folk don't want to use computers. So why is making it a mandatory part of the high school [or better yet elementary] curriculum such a bad idea? Of course, I'd love to see such curriculum not focus solely on Windows, maybe through in OS X and a Linux distro for good measure.
Tom
Re: (Score:3, Insightful)
I would love to see computers taught more in schools, but there are a couple of problems with doing it right now (which isn't to say in 5 years these problems will still exist).
First of all, schools need to teach reading, writing, arithmetic, science, etc. You get
Re: (Score:3, Insightful)
But figure this out, you can do things like English and most sciences, with a computer. Typing up an essay, running numbers through a spreadsheet to get standard deviation, etc. Most uni students I know, have to have crash courses in computers because their professors expect them to use things like Fortran, maple, magma, etc.
Granted, I
Re: (Score:2)
You focus on the student side of the equation, which I agree, has room for the information. But not on the teaching side. There is infrastructure required (classrooms, equipment, support), teachers required (
Math and Science aren't the only options (Score:2)
I think it would be nice if it came from the Creationism Class
Re: (Score:2)
As a student finishing up an education degree and getting ready to teach preschool and kindergarten in underprivileged communities, as well
Re: (Score:3, Insightful)
My concern is not that teachers won't do it, it's that the people who have the skills and abilities to
Re: (Score:3, Insightful)
Re: (Score:2)
It's not necessarily, but you could say the same thing about driving, cooking/nutrition, personal financial management, media literacy, and lots of other life skills subjects that don't relate to standardized tests. The problems are time, money, qualified teachers, and politicization/monetization of most of the subjects I listed above (see your average school board meeting about the sex ed program
Re:dear lord... (Score:4, Insightful)
As a 11 going on 12 year old kid I was setting up nodes for transcanada, fidonet, tattlenet and the like for the BBS that my brother and I ran. We were routing mail from all over north america and even into europe (thank god for cheap long distance plans with upper limits).
If an 11 year old can figure out, on their own, without classes, how to route mail, surely to god a competent adult can figure out how to turn off HTML emails, not run attachments, not run as root all the time. Or are you saying adults are in general very very stupid and shouldn't be trusted?
Your comment about driving is lost on me. Most adults drive fairly poorly. Running stops, speeding, not giving right away, etc. That there aren't more accidents than there currently are is mostly because people are good at avoiding them. It doesn't mean they're driving safe, it just means they know how to react when they're cut off, or pull a turn too quickly, or etc...
People in general just assume the world works for them and that putting any effort into anything is a sign of a weakness. If I have to learn how to use e-mail, it means I'm stupid or something, therefore I'll just pluck at it until I get my first chain letter [and then forward it off to 100 people] then i know I mastered email.
Tom
Re: (Score:2, Insightful)
I know, that's a dim view of humanity, but frankly, when I look at the world, that's what I see.
Re:dear lord... (Score:5, Insightful)
In today's world, people have to deal with too many different categories of information to become even competent laymen in all of them.
Do you know how your clothes are made? Do you know how your local power grid is laid out? Do you know how groceries are stocked in the store, or how to manage the logistics of getting food from all over the world into a single building? Do you know how roads are paved, water is delivered, sewage is handled, or waste is disposed of? Do you know the legal legal issues relevant to any of those fields?
Take fifteen minutes and try to list all the things you'd need to learn and build in order to make a ballpoint pen from scratch.. and I mean really from scratch. You don't get to order plastics and machinery from suppliers. Start with a patch of earth that magically contains all the funamental materials you need, and your bare hands. If you have to list fifteen different things before you even get to 'make a decent shovel', you're on the right track.
Our society works because we all cooperate, and generally trust each other. We trust the experts in textiles, power, etc. to do their jobs well enough that we don't have to become experts just to meet our own basic needs.
Re: (Score:2)
But wouldn't you get covered in bits of egg?
Re: (Score:2)
Tom
Re:dear lord... (Score:5, Funny)
It would be pretty horrific...
Are you sure you want to unlock your car? (Yes/No)
Please confirm this action: Start car (Allow/Deny)
The manufacturer of this car is not trusted, are you sure you want to start this car? (Yes/No)
The car is attempting to use gas that does not fall between 89 and 91 octane are you sure you want to continue? (Yes/No)
Are you sure you want to turn on the radio (Allow/Deny)
The manufacturer of this radio is not trusted, are you sure you want to turn on radio? (Yes/No)
Station 104.7 is attempting to play content that requires special priveliges, do you want to play 104.7? (yes/no)
Please confirm your administrative username and password.
Please confirm this action: Change to D (Allow/Deny)
This feature requires administrative priveligeges, please enter your username and password.
Re:dear lord... (Score:5, Funny)
MS is to blame for user mistakes in this case (Score:2)
With the installer needing admin privileges, no matter if its trying to install a driver or a game demo, the user cannot make a qualified decision whether the privileges asked for are warranted or not. You could blame the user if it was not so. If the user could install a game with "reduced" privileges and it asks for full admin rights, he could smell the rat. He cannot in an environment
Re: (Score:2)
I'd trust a game download fetched from idsoftware.com more than gamesgamesgamesgalore.com. If a game requests admin rights to install for my user, that would raise a red flag, etc.
Wow, two simple ideas that didn't involve a masters thesis from MIT.
I must be a genious.
Tom
Re: (Score:3, Insightful)
I'd trust a game download fetched from idsoftware.com more than gamesgamesgamesgalore.com.
But think about why you trust an Id game more... and then about how a relatively new user of computers, who hasn't been playing Id games for a decade, would know to make the same distinction.
You can't expect newbies to have the same base of computing experience to draw on that you do, to know what is historically trustworthy and what is historically shady. They don't know the history, and there's really no way to acquire that knowledge except through years of use.
If a game requests admin rights to install for my user, that would raise a red flag, etc.
It should -- but there are so many le
Re: (Score:2)
Even the simplest user can type "www.google.com". The information is out there, they just need to go and find it.
Sure, that's blaming the victim, but in this case the user is victimizing themselves.
If they can't be bothered to do the most basic research, screw 'em. Once they educate themselves, subsequent situations become easier to handle. If they choose to remain ignorant, then it's their own damn fault and I have no sympathy.
That being said, Vista's
Re: (Score:2)
Why should consumers expect security if they don't know how to use the tools (and yes, an OS is a tool, not an adventure!). If anything, be upset at how apathetic people are to
Re: (Score:2)
Tom
Re: (Score:2)
1. Learn to recognize spam/phishing
2. Not run attachments
3. Not run random binaries (even things like Party Poker.net)
4. Not read HTML emails
5. Not run as root (that fix takes all of 5 seconds to make)
etc...
You hardly need a degree in comp.sci to sort this out. People are just lazy, and will do whatever they want despite the fact they're their own worst enemy most of the time.
No libre OS can ever defend against eve
Re: (Score:2)
Remember when DOS used to come with a 300 page manual describing all the commands, their pros/cons, etc?
Typical Windows install media comes with nothing more than an advertisement for another MSFT product (e.g. XP Plus!). Not saying a manual is the solution, since nobody RTFM anymore. But definitely some form of training material would be warranted. They could start with safer defaults too I guess...
er um (Score:2, Funny)
Let me get my flame-proof suit on and say...... (Score:4, Insightful)
Come on. More than anything, Microsoft is in a no-win situation to try and protect people from themselves. If everyone ran Linux instead of Vista there'd be the same damn problems.
If a thirteen year old wants to download smileys for their IM client, the kid is going to do it. If the software has spyware, then that spyware would do what it takes to open up or break the system. It's pretty damn hard to code against human behaviour.
Re: (Score:2)
Apt-get (Score:2, Funny)
*ducks*
Re: (Score:2)
I'd have to agree. People want computers to be a toaster - throw some bread in, mash a button, and get toast. That is the extent they want their involvement to be if it isn't in their realm of interest.
To be honest though, there are plenty of other occupations that I'm clueless on. Put me in a fighter jet, or have me do someone else's taxes and your gonna see the same recipe for disaster. I'm sure there are plenty of people
Re: (Score:2, Informative)
Re: (Score:3, Insightful)
Apt-get is great, if the software you want is available from your distributions repositories. If it isn't, like the last piece of software I installed on my Ubuntu box, then you are left to download a
Users (Score:3, Interesting)
So, you can be "insecure by design", or you can expect your users to educate themselves just a little about how things work and their own role in the security equation. I'm sure the focus groups all say, "We'll take our chances, just don't make us have to think!"
90% of viruses and spyware? (Score:4, Insightful)
I think that's a bit low. There are only about 30 viruses for Macs (most of which are holdovers from OS 8 days) and I've not encountered one bit of spyware or adware. I don't have experience with Linux, but I imagine it's similar
I think the reason Windows is such a target isn't just its market share, but also its vulnerability.
Re: (Score:2)
Unfortunately, the old MS model - mostly pre-internet - ignored permissions, or implemented them poorly such that even trivial software is written expectin
Nice Article (Score:4, Funny)
In a nutshell, Windows is single-handedly responsible for turning the internet into the toxic shithole of malware that it is today.
you know it's going to be fair and balanced.
Re: (Score:3, Insightful)
you know it's going to be fair and balanced.''
The sad thing is that it's actually true.
Re: (Score:3, Insightful)
Re: (Score:3, Interesting)
"Fairly comprehensive" and "The Register" never, ever belong in the same sentence together.
This is one of those few times I've found myself wishing Slashdot had Digg's "Bury Story" feature – this article serves neither to enlighten nor to persuade. It's not aimed at the kind of intelligent, informed people at the center of the open source community who would genuinely be interested in how Vista's release affects Windows security; it only preaches to the choir of those poor and confused souls who hat
Article is putting Windows in too good light (Score:5, Informative)
As Billg likes to point out, Windows is the platform on which 90 per cent of the computing industry builds, and this naturally means that it's the platform on which 90 per cent of spyware, adware, virus, worm, and Trojan developers build. That translates into 90 per cent of botnet zombies, 90 per cent of spam relays, 90 per cent of spyware hosts, and 90 per cent of worm propagators.
This implies that Linux, Mac, Solaris, VMS, etc stands for 10% of the malware. This is not true. I would guess that non-Windows systems have less than 1% of the malware.
Gee.. biased a bit? (Score:3, Insightful)
The biggest Microsoft problem (Score:3, Insightful)
Microsoft can't fix the users, there will always be the crowd blindly clicking OK or tuning off the firewall because their game's troubleshooting tells them to.
But reducing the number of services and installed programs running, can reduce the number of vunerabilities present and active by default. How long did it take for them to give the option of actually turning off Messenger, despite no one ever using it. The deault install should be the minimum needed to access the net and use office. If we are all used to prompts and downloading programs a wait of a few seconds to install a progam from a file in the Windows install folder, to run something new, shouldn't be too much of a problem.
Especially if we have the option of actually uninstalling IE7 completely.
And on another note, I have watched this Vista launch and still I wonder. -
Why should I get it? I see alot of hype but not a single reason to upgrade.
Some strange quotes (Score:2)
It's funny the way he uses "IE7" when he's apparently talking about a mixture of IE and IE7... As far as I know, IE7 doesn't have many security bugs known until now, and especially not on Vista due to protected mode... Thre
I stopped reading at... (Score:2)
Because it's pretty obvious at that point the author is clueless.
Then again, it's the Register. What else to expect but clueless Microsoft bashing ?
OS vulnerability (Score:3, Insightful)
One of these days Microsoft will realize that system-wide changes are killing them. Perhaps when they start leasing remote desktop connections for $9.95 a month they will figure this out.
New Vista dialog (Score:2)
"you are about to read a scary story about the lack of security in Vista. Allow or cancel?"
FUD Fully Expected from The Register (Score:5, Insightful)
So, point by point:
While referring to IE's Protected Mode [msdn.com] feature:
However, there is a brokering mechanism that enables users to download files to any location they have access to, or to install browser plugins and extensions, and the like. So users are still invited to make a mess of their systems, and no doubt many will, while Microsoft has a chance to shift blame away from itself.
Uh huh. First, you can't install plugins/extensions (with the exception [msdn.com] of signed ActiveX) without admin privs. Period. Second, how, exactly, would you propose the user be able to save files to their Documents folder, or do any other file operation in their profile (or basically anyplace on the system) without this brokering mechanism? Would you prefer that Microsoft not allow users to download *any* files via the browser? Ya, that would work out well.
However, IE7 on Vista does still write to parts of the registry in protected mode.
IE7 is running as an extremely low-rights user. This does *not* mean that it doesn't have the ability to write to any part of the registry. It means that the register's ACLs must explicitly allow write access to the IE's low-rights user. Certain locations have been explicitly marked as write-safe for the low integrity process. The example given by The Register is one of them. In other words, it's not an issue.
However, DEP, when full on, may cause a number of applications to crash, or interfere with their installation. I'm betting that a majority of users will opt for the more conservative setting, and this of course means less defense for everyone.
You're betting that the majority of users, most of whom think "DEP" is an actor's last name, will go and hunt down the DEP setting and turn it off because it will supposedly cause lots of applications to crash? Really? You mean they won't selectively turn it off via the dialog box that comes up after a DEP-related crash that asks if you want to turn it off just for this application? Oh, and what quantitative study are you sighting that shows that lots of commonly used applications will crash because of DEP? Give me a break.
User Account Control (UAC) is another good idea, because it finally, finally, finally allows the machine's owner to work from a standard user account, and still perform administrative tasks by supplying admin credentials as needed on a per-action basis. You know, the way Linux has been doing it forever.
Windows has supported running individual processes as admin (or any other account) since NT4. It was integrated into the GUI in Windows 2000. That is not the point of UAC, and it's not how Linux does it at all. If you try and run an application or perform an operation on Linux or Unix that requires admin access, it will fail. It doesn't prompt you. It's a subtle, but big difference. And it's a critical difference in the Windows world where that vast majority of applications won't work without admin privs.
Of course, it only works if everyone stays out of the admin account as much as possible, and if everyone with an admin password knows better than to install a questionable program with admin privileges. And there's the catch: "Windows needs your permission to install this cleverly-disguised Trojan nifty program. Click Yes to get rooted continue."
Wrong. It works regardless of what user you *think* you're running as. An admin account on Vista (with UAC enabled) is NOT AN ADMIN ACCOUNT. It's a limited user. The *only* difference is that an admin account isn't prompted to t
Re:Why should they have a problem? (Score:5, Funny)
Back on topic: Vista tests for my corporation have been far from impressive in both security and performance. I'll stick with the XP Upgrade method I think. "Skin XP to look like Vista... open up the case, remove half the RAM and clock the CPU back a few notches"
Re: (Score:2)
Re: (Score:2, Funny)
You forgot "break Media Player". From BOFH: The Craptop [theregister.co.uk]:
Re:Why should they have a problem? (Score:4, Funny)
What security or performance "tests" did you run that you found "far from impressive"?
Note:
1) Open web browser
2) Load www.slashdot.org
3) Read what other people who haven't actually tested Vista posted
... is not a valid test. ;)
Re: (Score:3, Informative)
If someone figures out an exploit to make that "OK" automatically, yes, running as admin will be significantly less secure. Until someone figures that out, though, running admin with UAC on is just as secure as running
Re: (Score:3, Insightful)
Piece of cake.
UAC annoys you when you try to run a setup program, _any_ setup program, for whatever reason, even a screensaver or desktop picture if it is a setup format.
In Linux you are not asked root's password to change desktop picture or installing random program and that's a major difference. Installed program has user account rights, but _that's the assumption_ and most programs respect that and, contrar
Re:Limited User Accounts (Score:4, Insightful)
So changing the desktop wallpaper is a security issue in Linux too?
The problem is not that Vista asks for permission where admin is required, it's that it asks for permission everywhere.
Re: (Score:2)
I just sent a suggestion to Microsoft. A virtual registry/file directory structure stored in each users profile, under the local settings folde
Re: (Score:2)
I just sent a suggestion to Microsoft. A virtual registry/file directory structure stored in each users profile, under the local settings folder.
Congratulations. You've just suggested to Microsoft they do exactly what they've already done in Vista.
Re: (Score:2)
Re: (Score:2)
Try here [microsoft.com]. Search for "File System and Registry Virtualization".
If you want more details, consult MSDN or Google.
Re: (Score:2)
Re: (Score:2)
This would be in the lower levels of the operating system on an fopen type call.
fopen -> do you have privleges?
yes -> write file
no -> check to write to the virtual setup
yes -> write to the virtual setup
no -> fail with a no privleges error.
So legacy programs (or poorly written non-legacy programs) will still work, even if the coder doesn't know about %APPDATA%.
Re:Limited User Accounts (Score:5, Interesting)
UAC is still useful as an Administrator. Until you elevate your privileges, a UAC user *is* a regular user (essentially they have two possible tokens, a regular user token and an Administrator token, and unless you elevate, they're using on the regular user token). This means that the "protection" that it offers is the same; what differs is the ease with which you can switch between the two kinds of user (click a button vs. enter a password). So I don't think that's actually a huge problem.
Whenever something is done for which the regular user token isn't good enough, you can elevate to an Administrator token. That brings up the UAC prompt; it does it for broadly the same category of operations that MacOS X or Linux will demand root access for.
The thing is, the prompt is quite annoying. It's not any more annoying than it is on other OSes; they're annoying too. But a password is even more annoying than clicking the box. And if something is annoying, well, people are going to try to avoid it.
That's the dilemma faced by MS. If they make the thing too annoying, everyone will one way or another disable it. Originally UAC not only required a password, but also a ctrl-alt-del (so that the password couldn't be intercepted or anything). ctrl-alt-del to enter the password was too annoying; it was too intrusive. So they disabled that by default (though you can reinstate it if you want, through a GPO). Entering a password by default was also too intrusive, so again, they disabled it by default (and again, you can reinstate it across the board, even for Administrators, if you want). The reason they did this is because they want the level of annoyance to be livable. If UAC is so annoying that people outright disable it, it's useless. If it's a minor annoyance, they probably won't turn it off.
I've been using Vista since it went RTM, and I have to say, I don't see many UAC prompts any more. I did at first, when I was installing all my software, but now, it's pretty infrequent. It's certainly something I can live with. I did try cranking it right up--passwords for all users, with ctrl-alt-del to enter them--but it's far too annoying to put up with. I can't really fault MS for making the trade-off the way they made it. Hopefully, as applications improve, elevation prompts will become more infrequent (for example, I have to elevate to play Battlefield 2, because Punkbuster "needs" admin rights... this is something that they really need to fix), and when this happens, demanding a password to elevate won't be so onerous. But as things stand right now, there are just too many problematic applications. This isn't really MS's fault (it's not like NT's DAC is new...), but it is something that they've got to live with, and provide a solution for.
Re: (Score:2)
What I don't get is why they don't make the user a limited user to begin with.
It is.
Administrator in Vista != Administrator on XP (or earlier)
Re:You can't build a fort on a foundation of shit. (Score:4, Insightful)
The security of Windows has always been built upon such a foundation of shit. That's why it's had so many problems. Instead of drawing from the proven security models of systems like UNIX and VMS, the Windows developers went and rolled their own. And you know what? It was shit. It didn't have a solid theoretical underpinning like the security model of other systems have. It's been over 20 years later, and they still haven't looked to the proven models for inspiration.
Windows has the same "theoretical underpinning" as VMS (hardly surprising, given they're designed by the same person). Which is, I must point out, vastly superior to that of traditional (and most contemporary, at least as commonly configured) UNIXes.
There is little, to nothing, wrong with the "foundation" of Windows.
Re: (Score:3, Funny)
Ah yes, the foundation is well designed. But when they were mixing up the concrete they forgot the cement.
Re: (Score:2)
Re: (Score:2)
Or figure out what usenet is. =P
Re: (Score:3, Insightful)
The problem
Re: (Score:3, Insightful)
Re: (Score:3, Informative)
You can have a privacy-protecting, DRM-free, open source system that also has good security - these goals are not mutually exclusive. A few years ago Apple implemented a sudo workalike for OS X that lets you run a system as a normal user; the so-called 'administrative' Mac user is not really one with root privileges, but is just allowed to sudo if you provide authentication. Many UNIX flavors and and Linux distributions had this as a configurable option for years, but after OS X some common Linux distros
Re: (Score:3, Insightful)
You just described SELinux to a T.
Careful, you live in a glass house. The entire Linux permission and security system is at it's heart so utterly outdated as to be almost rediculous. NT had (and all version s of windows based on it) a beter base persmission and security system (Regardless of the fact that people decided not to use it) than Linux has at it's heart even today.
SE Linux is a hack on top of a lacking persmission system of a level even worse than what you are describing (wich is mo