Well here is another UAC tool from Vista.

Discussion in 'Windows Vista Security' started by Mr. Arnold, Oct 11, 2008.

  1. Mr. Arnold

    Mr. Arnold Guest

    Mr. Arnold, Oct 11, 2008
    #1
    1. Advertisements

  2. Mr. Arnold

    Gordon Guest

    Gordon, Oct 11, 2008
    #2
    1. Advertisements

  3. Mr. Arnold

    Rotten Ronny Guest

    You do realize that applies to 90% of computer nerds, right? I have a friend
    who is like that and I am always asking him when he is actually going to use
    his computer as a tool (as it was intended to be used) instead of playing
    program manager on it. He buys new hardware just to geek out on upgrading
    when he has no actual use or need for the hardware.
     
    Rotten Ronny, Oct 11, 2008
    #3
  4. Security is such a bother...

    It's so annoying to have to click again after I already
    clicked such a short time ago...

    All I wanted to do was execute a program - one click
    should be sufficient for the task...

    After all, It's not like I'm trying to *delete* something...

    (which should take eleven clicks to make sure I really meant
    to delete what I'm trying to delete because I don't have any
    backups in case the file I delete is needed later*)...

    Leave it to Symantec to "give the people what they want"
    with no regard for the security implications.

    * After the recycle bin there should be a truck and then a
    waste management distribution center and a landfill where
    I could still go to get back that file should the need arise.

    The consequences of deleting a file IMO are far less than
    the ones of executing a program (seeing as the program
    could then effectively delete *everything*) so why all the
    complaints about an extra click when a user (or something
    else) invokes a program?
     
    FromTheRafters, Oct 12, 2008
    #4
  5. Mr. Arnold

    Mr. Arnold Guest

    I wouldn't use the thing. It's about as bad as Application Control in 3rd
    party personal FW(s) or other such nonsense snake-oil solutions. One wants
    the mouse click on the accept button when it's malware that was *accepted*
    and remembered so that one is not asked about it again.

    It's just below this one. Hey, I turned UAC off, because I have ran this way
    for 25 years from Win 9'x as root admin, and I have ran as user/admin on Win
    NT 4.0, Win 2k, and XP with full admin rights. I am good man. I am so good,
    computer savvy, and it can't happen to me on the Internet. Hey, so what if I
    get some malware that something detected. I'll wipe out the machine if it
    happens.

    But little did I know that a whole boat load of malware has come past my
    little security blanket, planted itself deep and can't be detected by my
    detection security blanket, and it's been this way for a long time. I
    don't even know how to go check things out for myself with other tools
    manually and look around and see what is running on the machine from time to
    time.

    Hey, I am good and my security detection blanket is good too. Everything is
    okay-dokey! :p
     
    Mr. Arnold, Oct 12, 2008
    #5
  6. Mr. Arnold

    mike-cow Guest

    If I *really* wanted secure, I wouldn't use windows at all. Do yo
    REALLY trust microsoft to keep your data safe? I know I don't

    I use this tool, and it's *definetely* worth the "risk". I don't nee
    to disable the prompts entirely, and I dont need to see the darn thin
    every single time I want to open up a command prompt (as I always ru
    the prompt elevated)

    --
    mike-co

    - -While I try to give as safe advise as possible, and use alot o
    effort in making sure it's accurate, I can't take responsibility o
    problems arising from the help I give. In the end it's you who need t
    decide what's the safest way to manage your computer.-
     
    mike-cow, Oct 12, 2008
    #6
  7. Mr. Arnold

    Mr. Arnold Guest

    I don't trust Microsoft, Linux, Apple or any other O/S to keep my data safe,
    because none of them are bullet proof O/S(s). They are all written by and
    used by fallible human beings. When we as human beings become perfect, then
    you can expect that anything we create or do will be perfect, and that's not
    happening in your life time.

    As far as security is concerned, the buck stops with the user, and it
    doesn't stop any where else. If the machine gets compromised, then the user
    had involvement in it someway that lead to the compromise. It doesn't happen
    by itself.
     
    Mr. Arnold, Oct 13, 2008
    #7
  8. Mr. Arnold

    DevilsPGD Guest

    In message <> mike-cow
    And that means you're as good as a full administrator, all malware needs
    to do is take a guess (or sit back and learn) what programs
    automatically elevate, then exploit them.

    Command prompt is a perfect target, since the malware can literally
    launch "%systemroot%\system32\cmd.exe /c %malware.exe%", thereby
    promoting itself to running with an administrative token, all without
    asking you.
     
    DevilsPGD, Oct 13, 2008
    #8
  9. Mr. Arnold

    mike-cow Guest

    Yes it would be, but I'm not running cmd. Cygwin ftw! 'Cygwin
    Information and Installation' (http://www.cygwin.com/)


    --
    mike-cow

    - -While I try to give as safe advise as possible, and use alot of
    effort in making sure it's accurate, I can't take responsibility of
    problems arising from the help I give. In the end it's you who need to
    decide what's the safest way to manage your computer.-
     
    mike-cow, Oct 13, 2008
    #9
  10. Mr. Arnold

    DevilsPGD Guest

    In message <> mike-cow
    Yes, and?

    A similar command line parameter would do the trick for Cygwin.
     
    DevilsPGD, Oct 13, 2008
    #10
  11. Mr. Arnold

    mike-cow Guest

    Ofcourse... *If* the malware knows where to find it... Security b
    obscurity works well on software

    --
    mike-co

    - -While I try to give as safe advise as possible, and use alot o
    effort in making sure it's accurate, I can't take responsibility o
    problems arising from the help I give. In the end it's you who need t
    decide what's the safest way to manage your computer.-
     
    mike-cow, Oct 13, 2008
    #11
  12. Mr. Arnold

    DevilsPGD Guest

    In message <> mike-cow
    There are already some nice exploit kits out there that are almost drag
    and drop simple, you pay up front and get a kit that handles the exploit
    and hands off to your code.

    The backend guys specialize in finding exploits, and despite all of
    cygwin's flaws, I wouldn't bet my security on whether it's *that*
    obscure.

    More importantly, it's not really about what you and I would list as
    always-approved, it's more about what your average end user would list.

    This would include nearly any app who's authors are too lazy or stupid
    to make their software run without administrative rights, since said
    applications would either simply list themselves in the "always
    authorized" group, or instruct users to do the same.

    If you were Microsoft, would you consider that sufficient to encourage
    lazy and stupid software authors to change their behaviour?

    Remember, this isn't a new thing, user permissions have been around in
    Microsoft operating systems since the mid 90s. Any author who hasn't
    caught on yet needs some encouragement, and nothing quite like user
    pressure to make it happen.
     
    DevilsPGD, Oct 13, 2008
    #12
  13. Yeah, like 99% of the users having problems with UAC contact the
    software authors.

    Riiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiight.

    Dream on.
     
    Paul Montgomery, Oct 13, 2008
    #13
  14. Mr. Arnold

    mike-cow Guest

    I agree with you. I just don't think it's justifiable with all thos
    securitymeasures in this computer. It's mainly for hacks and games.
    don't think windows is justifiable at all if I require a secur
    workstation though

    I'm careful with what I run on my computer, I haven't had a singl
    (unintentional) problem with malware in years

    I should add that the norton tool is as bad as elevating the ua
    entirely if used carelessly though... (I don't see a way it could b
    WORSE than that though, unless norton start abusing it, when it comes t
    that it's a question of how much you trust them

    --
    mike-co

    - -While I try to give as safe advise as possible, and use alot o
    effort in making sure it's accurate, I can't take responsibility o
    problems arising from the help I give. In the end it's you who need t
    decide what's the safest way to manage your computer.-
     
    mike-cow, Oct 13, 2008
    #14
  15. Mr. Arnold

    Mr. Arnold Guest

    Here you go on the security, if you bother to read it.

    <http://technet.microsoft.com/en-us/library/cc709691.aspx>
    <http://news.softpedia.com/news/Admin-Approval-Mode-in-Windows-Vista-45312.shtml>
    <http://technet.microsoft.com/en-us/magazine/cc138019.aspx>
    <http://technet.microsoft.com/en-us/magazine/cc160882.aspx>
    <http://msdn.microsoft.com/en-us/library/aa382503.aspx>
     
    Mr. Arnold, Oct 13, 2008
    #15
  16. Yes, one might as well just silently elevate as with UAC turned off.
    Allowing UAC to partially function is just lending users a false sense
    of security. True, other aspects of UAC still enhance security if this
    portion is circumvented, but the false belief that a whitelist won't be
    abused by malware is damaging.

    I hope I am correct in assuming the whitelist isn't based simply on
    filenames, and that there is protection against it being edited by
    malware. Even so, what is so bad about being asked if you really
    intended to execute a particular program - especially since there
    are no complaints about the ubiquitous 'confirm delete'. There is
    much more power in *execute* than there is in *delete* especially
    if cryptovirology is involved.
    Three cheers for Microsoft for making it more difficult to do this
    in Vista. This split (or filtered) token and the default hiding of the
    (non-filtered token) admin account makes it much harder for the
    malware to entrench itself in the system - and more difficult for the
    average user to circumvent this security enhancement.
    The focus on recovery *only* is misplaced. Recovery should be
    risk mitigation in the event of some failure in the primary preventive
    measures. Avoidance measures aren't perfect, so recovery is a
    necessary aspect - but shouldn't be relied upon. Besides, what
    about the data leakage that could happen between infestation and
    recovery? What about the harboring of malware that uses their
    computer to dDoS others' and/or spread further? Individual users
    should have more concern about the community of which they are
    a part.

    Vista's security by default and the difficulty in circumventing it
    is a step in the right direction - and making it easier to circumvent
    is a step backward.
    Perhaps undetected long enough to poison the backups within their
    recovery plans.
    In some cases, even tools can be lied to by the system.

    I suppose their ignorance is bliss, right up until it kills them.

    --end soapbox mode--

    :eek:)
     
    FromTheRafters, Oct 13, 2008
    #16
  17. Mr. Arnold

    mike-cow Guest

    I don't have much to comment on this issue anymore, but I'd like to as
    you a question

    Do you wear a helmet when riding your bike? (the question is void i
    it's required by law though...

    --
    mike-co

    - -While I try to give as safe advise as possible, and use alot o
    effort in making sure it's accurate, I can't take responsibility o
    problems arising from the help I give. In the end it's you who need t
    decide what's the safest way to manage your computer.-
     
    mike-cow, Oct 13, 2008
    #17
  18. Mr. Arnold

    Mr. Arnold Guest

    Why must you act an a$$ about it? Just because you like to fly with no
    safety-net and with your draws down at your ankles does that mean that
    anyone else should follow in your foot steps.

    The thing about Linux users on Linux machines, which makes that system less
    susceptible to attack used by the ignorant is that the user never runs as
    root admin.

    They run as non-root admin until an admin task is encountered, and then
    they must give a root admin user-id and psw to escalate to root admin rights
    to perform the task. They are then returned to being a non-root admin.

    Yes, the ignorant masses my not be getting attacked like they use to be on
    Vista, but on the other hand, on any previous version of the NT based O/S,
    their linen was dropped to their ankles, and they had to keep on grinnin.

    Now, they have a choice to leave the security on or turn it all off, if he
    or she chooses to do either one.
     
    Mr. Arnold, Oct 13, 2008
    #18
  19. Mr. Arnold

    DevilsPGD Guest

    In message <> Paul Montgomery
    Maybe not, but the results speak for themselves, take a look at
    http://blogs.msdn.com/e7/archive/2008/10/08/user-account-control.aspx

    The "Number of unique applications and tasks creating UAC prompts" line
    speaks for itself, having gone from 800,000 to a little under 200,000 in
    a 12 month period.
     
    DevilsPGD, Oct 13, 2008
    #19
  20. Those results don't say (as in "speak for themselves") that the
    reduction is because of a surge of user complaints to software
    developers as you initially implied.

    You missed TWO other possibilities, each more credible than yours, and
    each clearly explained in the article:

    Quoting from that article:

    "... we also expect that as people use their machines longer they are
    installing new software or configuring Windows settings less
    frequently, which results in fewer prompts, or conversely when a
    machine is new that is when there is unusually high activity with
    respect to administrative needs."

    Also:

    "Customer Experience Improvement Program data indicates that the
    number of sessions with one or more UAC prompts has declined from 50%
    to 33% of sessions with Vista SP1."
     
    Paul Montgomery, Oct 14, 2008
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.