UAC=U Are Compromised/Vista Hacked at Black Hat

Discussion in 'Windows Vista General Discussion' started by Chad Harris, Aug 5, 2006.

  1. Chad Harris

    Chad Harris Guest

    Vista hacked at Black Hat
    http://news.com.com/Vista+hacked+at+Black+Hat/2100-7349_3-6102458.html?tag=nl

    Vista hacked at Black Hat

    By Joris Evers
    http://news.com.com/Vista+hacked+at+Black+Hat/2100-7349_3-6102458.html

    Story last modified Fri Aug 04 15:26:35 PDT 2006






    LAS VEGAS--While Microsoft talked up Windows Vista security at Black Hat, a
    researcher in another room demonstrated how to hack the operating system.
    Joanna Rutkowska, a Polish researcher at Singapore-based Coseinc, showed
    that it is possible to bypass security measures in Vista that should prevent
    unsigned code from running.

    And in a second part of her talk, Rutkowska explained how it is possible to
    use virtualization technology to make malicious code undetectable, in the
    same way a rootkit does. She code-named this malicious software Blue Pill.

    "Microsoft is investigating solutions for the final release of Windows Vista
    to help protect against the attacks demonstrated," a representative for the
    software maker said. "In addition, we are working with our hardware partners
    to investigate ways to help prevent the virtualization attack used by the
    Blue Pill."

    At Black Hat, Microsoft gave out copies of an early Vista release for
    attendees to test. The software maker is still soliciting feedback on the
    successor to Windows XP, which is slated to be broadly available in January.

    Rutkowska's presentation filled a large ballroom at Caesars Palace to
    capacity, even though it was during the last time slot on the final day of
    the annual Black Hat security confab here. She used an early test version of
    Vista for her research work.

    As one of the security measures in Vista, Microsoft is adding a mechanism to
    block unsigned driver software to run on the 64-bit version of the operating
    system. However, Rutkowska found a way to bypass the shield and get her code
    to run. Malicious drivers could pose a serious threat because they run at a
    low level in the operating system, security experts have said.

    "The fact that this mechanism was bypassed does not mean that Vista is
    completely insecure. It's just not as secure as advertised," Rutkowska said.
    "It's very difficult to implement a 100 percent-efficient kernel
    protection."

    To stage the attack, however, Vista needs to be running in administrator
    mode, Rutkowska acknowledged. That means her attack would be foiled by
    Microsoft's User Account Control, a Vista feature that runs a PC with fewer
    user privileges. UAC is a key Microsoft effort to prevent malicious code
    from being able to do as much damage as on a PC running in administrator
    mode, a typical setting on Windows XP.

    "I just hit accept," Rutkowska replied to a question from the audience about
    how she bypassed UAC. Because of the many security pop-ups in Windows, many
    users will do the same without realizing what they are allowing, she said.

    Microsoft has touted Vista as its most secure version of Windows yet. It is
    the first operating system client to go through the company's Security
    Development Lifecycle, a process to vet code and stamp out flaws before a
    product ships.

    "Windows Vista has many layers of defense, including the firewall, running
    as a standard user, Internet Explorer Protected Mode, /NX support, and ASLR,
    which help prevent arbitrary code from running with administrative
    privileges," the Microsoft representative noted.

    After the presentation on bypassing the driver shield, Rutkowska presented a
    way to create the stealthy malicious software she code-named Blue Pill. The
    technique uses Pacifica, a Secure Virtual Machine, from chipmaker Advanced
    Micro Devices, to go undetected.

    Blue Pill could serve as a backdoor for attackers, Rutkowska said. While it
    was developed on Vista and AMD's technology, it should also work on other
    operating systems and hardware platforms. "Some people suggested that my
    work is sponsored by Intel, as I focused on AMD virtualization technology
    only," she said, adding that is untrue.
     
    Chad Harris, Aug 5, 2006
    #1

  2. Chad Harris

    Alan Simpson Guest

    To non-technical folks reading this, let me just say that Chad got it
    backwards in the Subject line to his post. This particular hack requires
    that the intruder have system-administrator privileges to turn off
    driver-signing requirements. Therefore the following subject line would be
    far more accurate and truthful:



    UAC = U Are Not Compromised
     
    Alan Simpson, Aug 5, 2006
    #2

  3. Chad Harris

    Jason Guest

    Very nice Alan. Thanks for sharing :)

     
    Jason, Aug 5, 2006
    #3
  4. Chad Harris

    Jeff Guest

    Hi,
    Maybe I read it wrong;but;
    To stage the attack, however, Vista needs to be running in administrator
    O.K.
    What part of UAC protected it? Sure ya gotta be runnin as admin;which is still default when you initially set up Vista; and to show this point;go to UAC setup in control panel; where;if you follow it; it will show that; the person's privilege is admin,at least in 5384.
    Which then follows her next comment;that has been conveniently snipped in this thread;read above;
    "I just hit accept," Rutkowska replied to a question from the audience about
    So back to the original point;hacked;easily!!
    Jeff
    Very nice Alan. Thanks for sharing :)
     
    Jeff, Aug 5, 2006
    #4
  5. Hi,
    Maybe I read it wrong;but;
    To stage the attack, however, Vista needs to be running in administrator
    O.K.
    What part of UAC protected it? Sure ya gotta be runnin as admin;which is still default when you initially set up Vista; and to show this point;go to UAC setup in control panel; where;if you follow it; it will show that; the person's privilege is admin,at least in 5384.
    Which then follows her next comment;that has been conveniently snipped in this thread;read above;
    "I just hit accept," Rutkowska replied to a question from the audience about
    So back to the original point;hacked;easily!!
    Jeff



    Well, when you come up with a way to cure stupidity or teach common-sense to the average person, please post it here. As with most any other security measure, UAC depends upon interaction with a human.
     
    Mark D. VandenBerg, Aug 5, 2006
    #5
  6. Chad Harris

    Jeff Guest

    Mark,
    Point being; doesn't matter about uac.
    Jeff

    Hi,
    Maybe I read it wrong;but;
    To stage the attack, however, Vista needs to be running in administrator
    O.K.
    What part of UAC protected it? Sure ya gotta be runnin as admin;which is still default when you initially set up Vista; and to show this point;go to UAC setup in control panel; where;if you follow it; it will show that; the person's privilege is admin,at least in 5384.
    Which then follows her next comment;that has been conveniently snipped in this thread;read above;
    "I just hit accept," Rutkowska replied to a question from the audience about
    So back to the original point;hacked;easily!!
    Jeff



    Well, when you come up with a way to cure stupidity or teach common-sense to the average person, please post it here. As with most any other security measure, UAC depends upon interaction with a human.
     
    Jeff, Aug 5, 2006
    #6
  7. Chad Harris

    Alan Simpson Guest

    You need system administrator-level permissions to turn off the driver-signing requirements first. Not UAC administrator privileges. According to the Information Week article...



    "...an attacker with systems administrator-level privileges could trick Windows Vista Beta 2 kernel, x64 edition, into disabling its signature-checking function and allow any unsigned device driver to be loaded onto a user's system."



    Once the signature-checking feature is turned off then, sure, it's just a matter of clicking Accept or Continue to let unsigned drivers in. But the vulnerability only exists after the attacker has turned off signature checking. And to do that the attacker apparently needs higher privileges than UAC allows. So it's really a pretty minor vulnerability and one that'll probably be easy to fix (given that it apparently only exists in the 64-bit beta 2 kernel). Definitely not a deal-breaker for me, personally ;-)
     
    Alan Simpson, Aug 5, 2006
    #7
  8. Chad Harris

    Chad Harris Guest

    Chad has stated that Alan the Blue Pill exploit was not possible when
    running as less than admin, in 3 or 4 posts when he can keep the MSFT
    orange badge flunkie who has the bottom feeder community job from knocking
    his posts off here. Mark VandenBerg pointed this out clearly as well.

    But with all the requests (go on some of the better public forums for XP
    and Vista) to turn off UAC, or suggestions spreading like a pandemic to take
    the last 4-5 secpol entries on the list and run as admin, I think UAC's
    deployment is so horrible that a high percentage of people will not
    run as less than administrator.

    Also there will be other hacks and exploits to UAC and there are many
    already to IE7 Beta 3 and IE7 that is in the latest build released to Tap on
    Aug. 2.

    Alan several of your fellow book authors are now critical of UAC deployment
    in a major way.

    So given that many will kick UAC to the curb, and run as admin or turn it
    off, I think U are Compromised is prescient and relevant.

    CH
     
    Chad Harris, Aug 5, 2006
    #8
  9. Chad Harris

    Chad Harris Guest

    Again, again I have said that in about 4-5 posts Jeff but MSFT keeps
    knocking my posts off the server because they are uptight over criticism of
    Vista and the chaos in Redmond over Vista deadlines and the now groundswell
    of emails they are getting to hold it up. Many TAP testers I talked to
    locally are very very dissatisfied with Vista's deployment in their
    organizations and they are letting the Softy "advisor" to their
    participation know.

    CH


    Hi,
    Maybe I read it wrong;but;
    To stage the attack, however, Vista needs to be running in administrator
    O.K.
    What part of UAC protected it? Sure ya gotta be runnin as admin;which is
    still default when you initially set up Vista; and to show this point;go to
    UAC setup in control panel; where;if you follow it; it will show that; the
    person's privilege is admin,at least in 5384.
    Which then follows her next comment;that has been conveniently snipped in this
    thread;read above;
    "I just hit accept," Rutkowska replied to a question from the audience
    about
    So back to the original point;hacked;easily!!
    Jeff
    Very nice Alan. Thanks for sharing :)
     
    Chad Harris, Aug 5, 2006
    #9
  10. Chad Harris

    Chad Harris Guest

    UAC is so egregiously horrible and unrealistic as a deployment, not as a
    concept, in contrast to what Linux does according to many Linux
    administrators who are also TBTing Vista, that it is not going to be kept on
    by Joe and Suzy 6 pack computer user.

    Redmond needs a few focus groups from average people on UAC. I noticed that
    many many many Beta testers posted workarounds to UAC early on--in secpol,
    regedits, and at msconfig among others. UAC usability has not gotten
    incrementally better to the extent it should to prevent the penchant for the
    bell shaped curve of users to turn it off. That is my concern.

    Also I predict that there will be exploits out there that don't need you to
    run as admin. I'll bet as the Black Hat meeting goes on, there will emerge
    more hacks and I'll bet 2600 will soon publish some.

    http://www.2600.com/

    http://www.blackhat.com/

    CH


    Hi,
    Maybe I read it wrong;but;
    To stage the attack, however, Vista needs to be running in administrator
    O.K.
    What part of UAC protected it? Sure ya gotta be runnin as admin;which is
    still default when you initially set up Vista; and to show this point;go to
    UAC setup in control panel; where;if you follow it; it will show that; the
    person's privilege is admin,at least in 5384.
    Which then follows her next comment;that has been conveniently snipped in
    this thread;read above;
    "I just hit accept," Rutkowska replied to a question from the
    audience about
    So back to the original point;hacked;easily!!
    Jeff



    Well, when you come up with a way to cure stupidity or teach common-sense
    to the average person, please post it here. As with most any other security
    measure, UAC depends upon interaction with a human.
     
    Chad Harris, Aug 5, 2006
    #10
  11. Chad Harris

    Alan Simpson Guest

    So what's your solution?


     
    Alan Simpson, Aug 5, 2006
    #11
  12. Chad Harris

    Jimmy Brush Guest

    Point being; doesn't matter about uac.

    It DOES matter - not EVERYONE will "just hit accept". Any security is better
    than no security.

    Eventually, users will understand UAC, and know when to click and when not
    to click. I say a large chunk of users will "just get it" and use the
    feature intuitively, but I would be a fool to say EVERYONE will. Some people
    will resist. Some people will be apathetic and just click Continue, as you
    imply.

    However, UAC is not going anywhere - it will be around for a long, long
    time. The longer it lives, the more percentage of people that will use it
    right. Eventually, it will become understood and used correctly by the
    majority, especially as UAC evolves after feedback from the first Vista
    release and MS fine-tunes it.

    And then, finally, Windows will be running with an effective security model.

    And there will be some peace for a little while.

    And then malware will adapt, and the cycle will repeat.

    - JB

    Vista Support FAQ
    http://www.jimmah.com/vista/
     
    Jimmy Brush, Aug 5, 2006
    #12
  13. Chad Harris

    Chad Harris Guest

    "Microsoft completely botched UAC," Thurrott says. "It's almost criminal in
    its insidiousness"

    One solution, Alan, is to completely rework the deployment/implementation
    of UAC so that it exists, but it does not throw a box in someone's face
    every time they make a minuscule move--to rename a shortcut or folder, to
    drag into a folder, etc. The first of many Black Hat exploits the lady
    reported the other day also involved clicking OK and people will do that
    right and left.

    What Chris Corio and his UAC team are doing, is to superficially trim a few
    of the prompts (as if it's a big deal they stop the command elevation--they
    need to but that's superficial). They don't get it. Again the least
    technically sophisticated managers in the MSFT Sinofsky "make the trains run
    on time--but screw it if they're running off the track" ethos is
    the controlling, pervasive Vista culture. They are under tremendous pressure
    to slap it together and put out something that has a Vista name on it and to
    gush it's Vista, it's a paradigm shift, it's clear, confident, and connected.
    It's as clear and confident and connected as the Iraq war is, and the robots
    and automatons who persist in pushing the FIASCO.

    Is Window's Vista too Protective
    http://www.edbott.com/weblog/?p=1186

    Is Windows Vista ready?
    http://www.winsupersite.com/showcase/winvista_ready.asp
    "No. God, no. Today's Windows Vista builds are a study in frustration, and
    trust me, I use the darn thing day in and day out, and I've seen what
    happens when you subject yourself to it wholeheartedly. I think I've
    mentioned the phrase "I could hear the screams" on the SuperSite before. My
    wife said that to me one day, and she was referring to the sound of me
    barking some primeval curse at my desktop PC as it succumbed to Vista's
    stupid slowdowns, crashes, and hang ups for the umpteenth time. She, more
    than anyone, knows the frustration I've experienced because of Windows
    Vista. But even she doesn't know the details. They would bore her, frankly.
    She's normal like that.

    I've been working with Windows Vista for a long, long time, and I've seen
    how it's evolved. Heck, I've been working with Microsoft OS betas for over
    12 years now, and while it's very clear that Vista hasn't exactly followed a
    trajectory that's at all similar to any of the other betas, it's also true
    that each OS beta has its own vibe"


    What I Don't Like About UAC
    by Martin Zugec, MSFT MVP
    http://msmvps.com/blogs/martinzugec/archive/2006/06/04/99341.aspx

    7 Steps to Delete a Shortcut with Vista UAC
    http://www.flickr.com/photo_zoom.gne?id=151250154&size=o

    http://blogs.msdn.com/uac/

    On to the transcript…



    Question: Can I ask technical questions while the presentation is going on?

    Private Answer: Yes



    Question: Will this be in the form of an on-demand webcast?

    Answer: Yes. Watch your inbox tomorrow for an e-mail with information about
    viewing this webcast on demand and downloading a WMV file. The e-mail will
    also include a link to a downloadable PowerPoint presentation of today’s
    webcast. [Anyone can watch it again here.]



    Question: I connected some Windows Vista workstations to an SBS2003 server,
    and every logon, the default SBS2003 logon script runs a Client\Setup.exe,
    which kicks up the UAC screen. This does not seem to be a desirable feature
    of every logon.

    Answer: This is something that we are working with the SBS team on right
    now. This logon script updates binaries and settings configured by SBS, but
    it is rarely updated. Currently, we recommend that you propagate an App
    Compat shim marking the client\setup.exe binary as not requiring
    Administrator privileges. The proper run level would be asInvoker.



    Question: How can you run things as an admin that don't specifically have a
    Start menu icon? For instance, an applet in the taskbar that requires admin
    access (but right-click over doesn't allow for "Run as...").

    Answer: You can either browse to the binary and right-click it, or you can
    run a CMD window with Administrator privileges and run it there.



    Question: What is Microsoft doing to educate vendors on how to write
    applications that don't require admin rights?

    Answer: We've done our best to let all developers and ISVs know about this
    product by presenting at numerous conferences since PDC '05. We also have
    guidance available online. Check out the resources slide for those links.



    Question: Is it possible for IT departments to update the app compat list
    using, say, GPO or SMS?

    Answer: Yes. You can use GP to deploy the App Compat shims.



    Question: I am asking about the domain users in the local machines. Does
    this apply to it?

    Answer: UAC applies to both domain users and local users.



    Question: You have mentioned App Compat shims several times in the replies.
    Is there some detailed documentation on App Compat Shims available?

    Answer: Yes, take a look at:
    http://www.microsoft.com/technet/windowsvista/deploy/appcompat/acshims.mspx



    Question: So you can drop a manifest in alongside an app that you did not
    produce (e.g., I have an app from a defunct ISV)?

    Answer: Yes, as long as the app does not have an internal manifest, which
    would override the external one. You can also use the tool mt.exe (shipped
    with Visual Studio) to add an internal manifest to an existing .exe.



    Question: My initial take on UAC is you are simply masking over the real
    problem of users with admin rights. If they have an admin password, they are
    only one step away from hacking their computer. Will we be able to identify
    and customize the ACLS on all system components based on application
    requirements to allow these applications to run without supplying an admin
    password?

    Answer: Our goal is to reduce the privileges that applications are designed
    to run with. Unfortunately, because all of our users prior to Windows Vista
    were members of the Administrators group, applications often unnecessarily
    required that the user be an administrator. We are trying to help the
    industry understand that oftentimes they don't need administrator privileges
    to execute their applications, and we expect many users in enterprises to no
    longer run as administrators.



    Question: Can the local store be relocated to better support roaming
    profiles?

    Answer: Unfortunately, the location of the virtual store isn't configurable.



    Question: That so it is of stability? (Sorry for my English) will be able to
    use the old standard user or not?

    Answer: You can still run your users as member of the users group. If you
    want exact parity between XP, you should disable the UAC installer detection
    feature and file virtualization.



    Question: I referred to me that in spite of being a beta, if Windows Vista
    is stable in its totality or still it has things to correct.

    Answer: We continue to refine Windows Vista as we move toward release. We
    feel that the beta version is quite stable.

    Question: I'm still confused. Applications don't "require" admin rights.
    Applications perform tasks on a computer that accesses system components
    (directories, registry, services, etc.) that are locked down to admins only.
    Can we not identify these components in advance and adjust the ACLs on these
    components to give the standard user the ability to access?

    Answer: You could do this, but then any malware running as the user could
    also change those settings. This would undermine any security model that an
    application or Windows has established for those resources.



    Question: In what SKUs is the secpol available?

    Answer: secpol.msc is available in all SKUs [Correction from live chat:
    secpol will only be available in the SKUs that support group policy:
    Business, Enterprise, and Ultimate.]



    Question: Given that we'll be running in a mixed environment at first
    (Windows XP and Windows Vista), will any level of these controls be
    available for XP via a patch?

    Answer: There are currently no plans to move UAC down-level. However, as you
    understand which applications can run as standard users on Windows Vista,
    you can move your Windows XP users into the Users group and get similar
    performance.



    Question: How can I make a white list program by vendor or by location or
    what?

    Answer: Check out the Software Restriction Policy white paper available
    here:
    http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/rstrplcy.mspx



    Question: What was that again? If I disable UAC, do I also lose the new
    security features of Internet Explorer?

    Answer: Internet Explorer will not be running in Protected Mode if UAC is
    disabled.



    Question: What is the URL for the compatibility tools?

    Answer:
    http://www.microsoft.com/technet/desktopdeployment/appcompat/toolkit.mspx



    Question: Can we see the vote results?

    - Alex



    CH



    Read it--Find out what the American lemmings are complacently allowing to
    occur Be different Read a paper like the NYTimes--Fiasco: The American
    Military Adventure in Iraq (Hardcover)

    http://www.amazon.com/gp/product/15...=pd_bbs_1/102-3215667-3228953?ie=UTF8&s=books


    CH
     
    Chad Harris, Aug 5, 2006
    #13
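
The webcast answers quoted in post #13 say a binary can be marked asInvoker with a manifest, and that an internal manifest overrides an external one. The following is an added example, not part of the thread and not Microsoft tooling: a Python check that reads manifest XML and reports which run level applies. The function names and the sample manifests are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# What each requestedExecutionLevel value means for the UAC prompt.
LEVELS = {
    "asInvoker": "runs with the caller's token; no elevation prompt",
    "highestAvailable": "uses the highest privileges the user can obtain",
    "requireAdministrator": "always requests elevation",
}


def local_name(tag):
    """Strip the XML namespace, since trustInfo may sit under asm.v2 or asm.v3."""
    return tag.rsplit("}", 1)[-1]


def requested_level(manifest_xml):
    """Return the level attribute of requestedExecutionLevel, or None if absent."""
    root = ET.fromstring(manifest_xml)
    for element in root.iter():
        if local_name(element.tag) == "requestedExecutionLevel":
            return element.get("level")
    return None


def effective_level(internal_xml, external_xml):
    """Pick the manifest that applies, following the rule stated in the
    transcript: an internal (embedded) manifest overrides an external one."""
    if internal_xml:
        return "internal", requested_level(internal_xml)
    if external_xml:
        return "external", requested_level(external_xml)
    return None, None


def describe(name, internal_xml=None, external_xml=None):
    """One-line audit finding for a binary and its manifests."""
    source, level = effective_level(internal_xml, external_xml)
    if level is None:
        return f"{name}: no run level declared"
    meaning = LEVELS.get(level, "unrecognised level")
    return f"{name}: {level} from {source} manifest ({meaning})"


def sample_manifest(level):
    """Constructed sample manifest; not taken from any real application."""
    return f"""<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="{level}" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>"""


if __name__ == "__main__":
    # Hypothetical binaries: one with only an external manifest, one where an
    # embedded requireAdministrator manifest defeats the external asInvoker one.
    print(describe("legacy.exe", external_xml=sample_manifest("asInvoker")))
    print(describe("tool.exe",
                   internal_xml=sample_manifest("requireAdministrator"),
                   external_xml=sample_manifest("asInvoker")))
    print(describe("old.exe"))
```
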
  14. Chad Harris

    Jeff Guest

    Jimmy,
    Relax, :)
    Really, it doesn't matter if you're Fort Knox;someone;somewhere will
    always try to gain access.
    Theoretically; I totally agree with the concept;
    The implementation;however; is not up to MSFT; it ends up in the
    end-user's hands.
    And;at this point;in the development of this UAC model;granted;it's not all
    polished. But again;point being;I think you may well see a general tendency
    for many;to not try to understand concepts;and consider UAC a pain.
    Eventually?
    Eventually everything happens, but;not that it should be; first impressions
    go a long way.
    And most people's initial interaction with UAC(in its current form);
    will be their basis of further actions;
    Which is to say;the 1st time Joe user tries to move a folder;gets prompted
    for admin;says o.k. ; then denied; they will just get frustrated;and
    gravitate towards the simplest;easiest resolution.
    Which then follows; doesn't matter about UAC from that point on.

    Jeff
     
    Jeff, Aug 5, 2006
    #14
  15. Chad Harris

    Jimmy Brush Guest

    Jimmy,
    I'm not upset, I enjoy debating - it is helpful to MS if they read this,
    and we learn from each other.
    Of course. They will TRY. Why make it easy for them? You're not implying
    here that because true security is impossible we should just give up, are
    you?
    Correct - the user decides what he/she wants to have access to the system.
    This is the only model that works.

    There are already automated solutions out there that pick up malware, but
    these don't work 100%. This model is like having a bodyguard outside of your
    house with a list of people to deny access (and you don't control the list).
    The bodyguard will keep many bad people out, but still a lot of bad people
    will just come right in.

    On the other hand, keeping your doors and windows locked and then deciding
    who to let in on a case-by-case basis is a much better idea, ESPECIALLY when
    you still have a bodyguard outside to tell those known bad people to shove
    it. Someone can knock on the door, and you can peep thru the peephole and
    decide whether or not to let them in. This is YOUR decision, and that is the
    way it has to be - no computer can decide for you whether to open the door
    or not, and be totally effective.

    Of course, you still have the option of opening the door for everybody, as
    well as just keeping your doors unlocked, but oh well - that's your choice.

    And, just because your doors are locked and you have a security system AND a
    bodyguard doesn't mean that NOBODY can break it - it just makes it MUCH
    HARDER for them to do so - this will make it challenging, and so the vast
    majority of bad guys will pass by your house, and only the real
    professionals will attempt to break in.
    I think in terms of RTM and later, this will not be the general case.
    No, ALL things don't happen eventually ;). Some things do. First impressions
    do go a LONG way, you are correct... but I think this will be a moot point
    down the road, when all programs expect to run in a UAC environment, and
    things are just more natural with it turned on than with it turned off.

    When we get there, people will consider those with UAC turned off
    risk-takers, the same way in *nix people consider those who log in as root
    instead of using su as risk-takers.
    The example you gave shouldn't happen (being denied permission after
    elevating with UAC). Although, it does happen in some certain specific
    circumstances.

    To be honest, the only misgivings I have about UAC (yes, I have some too)
    are with working with the file system. This is the only MAJOR pain point
    IMHO. (I don't call clicking Continue a major pain point ... a minor one,
    indeed, not major).

    In many cases, UAC simply does not play nice with the file system - and the
    poor solutions MS has come up with to mitigate this are insufficient (ie
    "Windows tried to change security settings but couldn't - you should try
    editing security" hey thanks, thanks a lot ... or "You need permission from
    Jimmy to do this" - hey that's ME!)

    But, other than on that point ... I think MOST USERS (who won't run into
    filesystem based problems) will not have major issues with UAC, and will
    leave it on, and eventually begin to understand it.

    You seem to be pointing out the specific cases where UAC fails, while I tend
    to point on the more general case where it works.

    You and I are both correct; however, I think the success cases will outweigh
    the failure ones.

    The failure cases have workarounds and are usually experienced by more
    advanced users (though not always), whereas the success cases protect the
    majority of users (assuming they understand it).

    There is a chance for it to go either way ... but I really think it is going
    to work, and then get better and better :)

    - JB

    Vista Support FAQ
    http://www.jimmah.com/vista/
     
    Jimmy Brush, Aug 5, 2006
    #15
  16. Chad Harris

    Jeff Guest

    Jimmy;
    OK
    BTW-this is beta stuff;so hopefully it'll get worked on
    Oh; I had it tell me I had to ask Jeff; for permission TOO!!!! LOL
    Oh; and about that search issue I had the other day? Somehow it was WAY
    corrupted;
    Reformatted;reinstalled;and BINGO; C drive showed up in the indexing
    options, and it works right.
    Go figure!!! That's why it's beta

    Jeff
     
    Jeff, Aug 5, 2006
    #16
  17. Chad Harris

    Alan Simpson Guest

    Well those are certainly good suggestions if users are prompted for
    elevation every time they perform some minuscule task. I wasn't able to
    duplicate that problem on my own machine. I can rename, move, and delete
    files, folders and shortcuts from my standard account without any prompts
    for elevation whatsoever. But you're certainly right, that's the way it
    should be.



    But getting back to the original point, I still stand by my initial
    assertion that Rutkowska's finding that an attacker with systems
    administrator-level privileges could trick Windows Vista Beta 2 kernel x64
    into disabling its signature-checking function doesn't even come close to
    being in the general vicinity of the ballpark of equating to UAC = U Are
    Compromised. And I still advise people not to take such sweeping
    overgeneralizations to heart. There is simply nothing in Rutkowska's finding
    that means UAC is bad for you or your computer.



    Personally, I have no problem with UAC. I'd rather stay in my standard
    account and be prompted for elevation as needed than have to log out and log
    into an administrative account to perform some simple administrative task.
    But I guess that's just me.
     
    Alan Simpson, Aug 5, 2006
    #17
  18. Chad Harris

    Chad Harris Guest

    No it's not just you, Alan. There is considerable support for UAC, and
    considerable support for being able to run as a standard user and if it's
    user friendly and quick to be able to elevate for the period of time you
    need to get tasks done, and a Steve Riley [MSFT Security] talk on it is a
    treat to behold. But they must be able to be resourceful enough to make
    this more workable IMHO so that it can be embraced and adopted as the norm
    which is what they want to happen.

    CH
     
    Chad Harris, Aug 5, 2006
    #18
  19. Chad Harris

    Robert Moir Guest

    The majority will. The majority do now. There are plenty of email vectored
    viruses out there that require a user to download a zip file email
    attachment, open it and type in the password included in the body of the
    email, and then install whatever is inside it, and these seem to be
    spreading nicely.
    Any good security is better than no security. Bad security, the sort that
    lulls people into a false sense of feeling secure, is worse than doing
    nothing.
     
    Robert Moir, Aug 5, 2006
    #19
  20. If you are using 5472 be aware that there are significant changes to UAC
    since 5384 that simplify doing things like deleting shortcuts from the
    desktop.
     
    Colin Barnhorst, Aug 6, 2006
    #20