Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

Safety != Security. Seriously.

microsoft.public.windows.vista.security






Speedup My PC
Reply
  #1 (permalink)  
Old 03-07-2008
sebastian.palm@myrealbox.com
 

Posts: n/a
Safety != Security. Seriously.
I've been using Vista for eigh**** months now, (since just after RTM,
actually), and while I was initially enthused with the new security
features promised in Vista, I've gotten pretty much disillusioned with
them. Because I think Microsoft somehow failed to understand something
terribly fundamental to userdom - the fact that Safety does NOT equal
Security, in the world of computer users...

In their own way, Windows NT and Windows 2000 were the most secure
versions of Windows there ever was, with regards to ths operating
system's security from the average *user*. Provided the operator could
follow a simple instruction: "Don't use an administrator account as a
day-to-day account", there was little he could do to truly screw stuff
up. Sure, having to log in as an "unsafe" administrator every so often
to take care of the stuff that needed privileged access was a chore,
but at least it was secure...

What Microsoft did in XP is IMO completely unfathomable - giving
J.Random XP installer, and his whole family, administrator privileges
by default. How many do you think bothered going back and changing the
access level of the regular user accounts back to User level?
Especially once XP software routinely started *assuming* it had Admin-
level privileges? Not too damned many... Thus you had most users
running "unsafe" accounts, which is pretty insecure.

I truly thought Vista would change things back, but sadly Microsoft
didn't decide on this - Vista still defaults to making the first user
an Administrator by default, and software vendors keep assuming
administrator privileges. Which, coupled with UAC, intended to provide
"safety" for administrator-level accounts, destroys security. Because
while users are now "safe" behind UAC access prompts, they can still
do anything they damned well please, or the apps they allow to run
because they no longer bother to read the annoying prompts can.
*Sigh*.

Contrast this with Linux, if you please. On most of the distributions
I've tried, the administrator account (root) is so powerful, and so
unsafe (no prompts!) that it takes even the most die-hard wannabe
poweruser all of one mistake to decide he won't ever want to be logged
in as "root" if it can be at all avoided; yet that same power is still
available at the admin's fingertips from whereever just by using the
su command. Doing it this way means a user must decide in advance to
want too use enhanced privileges - it's not, as with UAC, a matter of
reacting to an app that wants something.

IMO, the better solution for windows account security in Vista would
have been to ditch UAC entirely, and default accounts to user level -
and putting the administrator account somewhere accessible without
jumping through hoops... (beyond supplying the password, that is)

You may now all jump on me for posting something has already heard and
agreed/disagreed with. :-)

SP

Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 03-07-2008
Mark
 

Posts: n/a
Re: Safety != Security. Seriously.
If you had said, IMHO instead of IMO, I'd have left you alone.
Otherwise, I agree with you on defaulting account to User only and Admin is
only available if the User wants to be in Admin. This would then force the
vendors to supply programs that meet the existing security levels instead of
the vendor simply tell the User to Allow Admin functionality.

The current method is useless to the "typical" home user as vendors and
malcontents simply continue to ignore the requirements knowing it's easier
to get the User to click Continue with their non-passworded "limited" Admin
accounts.

<sebastian.palm@myrealbox.com> wrote in message
news:9015f36b-1e7f-4030-ad1e-1d797ae10630@e60g2000hsh.googlegroups.com...
> I've been using Vista for eigh**** months now, (since just after RTM,
> actually), and while I was initially enthused with the new security
> features promised in Vista, I've gotten pretty much disillusioned with
> them. Because I think Microsoft somehow failed to understand something
> terribly fundamental to userdom - the fact that Safety does NOT equal
> Security, in the world of computer users...
>
> In their own way, Windows NT and Windows 2000 were the most secure
> versions of Windows there ever was, with regards to ths operating
> system's security from the average *user*. Provided the operator could
> follow a simple instruction: "Don't use an administrator account as a
> day-to-day account", there was little he could do to truly screw stuff
> up. Sure, having to log in as an "unsafe" administrator every so often
> to take care of the stuff that needed privileged access was a chore,
> but at least it was secure...
>
> What Microsoft did in XP is IMO completely unfathomable - giving
> J.Random XP installer, and his whole family, administrator privileges
> by default. How many do you think bothered going back and changing the
> access level of the regular user accounts back to User level?
> Especially once XP software routinely started *assuming* it had Admin-
> level privileges? Not too damned many... Thus you had most users
> running "unsafe" accounts, which is pretty insecure.
>
> I truly thought Vista would change things back, but sadly Microsoft
> didn't decide on this - Vista still defaults to making the first user
> an Administrator by default, and software vendors keep assuming
> administrator privileges. Which, coupled with UAC, intended to provide
> "safety" for administrator-level accounts, destroys security. Because
> while users are now "safe" behind UAC access prompts, they can still
> do anything they damned well please, or the apps they allow to run
> because they no longer bother to read the annoying prompts can.
> *Sigh*.
>
> Contrast this with Linux, if you please. On most of the distributions
> I've tried, the administrator account (root) is so powerful, and so
> unsafe (no prompts!) that it takes even the most die-hard wannabe
> poweruser all of one mistake to decide he won't ever want to be logged
> in as "root" if it can be at all avoided; yet that same power is still
> available at the admin's fingertips from whereever just by using the
> su command. Doing it this way means a user must decide in advance to
> want too use enhanced privileges - it's not, as with UAC, a matter of
> reacting to an app that wants something.
>
> IMO, the better solution for windows account security in Vista would
> have been to ditch UAC entirely, and default accounts to user level -
> and putting the administrator account somewhere accessible without
> jumping through hoops... (beyond supplying the password, that is)
>
> You may now all jump on me for posting something has already heard and
> agreed/disagreed with. :-)
>
> SP
>



Reply With Quote
  #3 (permalink)  
Old 03-08-2008
sebastian.palm@myrealbox.com
 

Posts: n/a
Re: Safety != Security. Seriously.
On Mar 7, 7:50 pm, "Mark" <jmhonz...@nospam.insightbb.com> wrote:
> If you had said, IMHO instead of IMO, I'd have left you alone.


Claiming humility would be dishonest - it's decidedly not one of my
stronger virtues... :-)

> Otherwise, I agree with you on defaulting account to User only and Admin is
> only available if the User wants to be in Admin. This would then force the
> vendors to supply programs that meet the existing security levels instead of
> the vendor simply tell the User to Allow Admin functionality.


Exactly. One of the things I just can't understand about XP and later
is why they made it so you basically have to cripple one of its best
features in order to get to the Administrator account (you need to
turn off fast user switching to get a regular log-in prompt from which
you can manually type in the administrator account name - if there's a
way of adding the Administrator to the normal menu, it's buried
someplace where I've yet to find it after six years of sporadic
looking :-\)


> The current method is useless to the "typical" home user as vendors and
> malcontents simply continue to ignore the requirements knowing it's easier
> to get the User to click Continue with their non-passworded "limited" Admin
> accounts.


I kind of wish UAC had been designed more like a firewall - protect
each admin privilege individually, keep track of user-level
applications that request them, allow the user to semi-permanently
allow each privilege to apps that are deemed trusted as they're
requested. You'd get a bunch of prompts while performing initial
configuration of the system, but once you're done with that, anything
new will be cause for concern, rather than routine approval. Also, as
is, once UAC elevates a process, it gets all the rights in one go if I
understand correctly. There's no way of telling if the application you
just approved really does only what it says it does. How do you know
it's not a keylogger in disguise?

Let's put it this way: An administrator is like a superbike. A user
account is like a bicycle. UAC is a set of training wheels. Anyone who
should feel comfortable with a superbike will find training wheels to
be an annoyance at best, and anyone who *isn't* comfortable on a
superbike won't really be any safer with them. (And anyone who thinks
they'll be safer on a superbike if it has training wheels really
shouldn't be let anywhere near one...)

(Someone compress that into a four-line sig for me, and I'll be
eternally grateful... :-)

SP

Reply With Quote
  #4 (permalink)  
Old 03-08-2008
Susan Bradley
 

Posts: n/a
Re: Safety != Security. Seriously.
Baby steps.

It took 13 years to get Quickbooks to stop coding for admin. Rome was
not built in a day.

sebastian.palm@myrealbox.com wrote:
> I've been using Vista for eigh**** months now, (since just after RTM,
> actually), and while I was initially enthused with the new security
> features promised in Vista, I've gotten pretty much disillusioned with
> them. Because I think Microsoft somehow failed to understand something
> terribly fundamental to userdom - the fact that Safety does NOT equal
> Security, in the world of computer users...
>
> In their own way, Windows NT and Windows 2000 were the most secure
> versions of Windows there ever was, with regards to ths operating
> system's security from the average *user*. Provided the operator could
> follow a simple instruction: "Don't use an administrator account as a
> day-to-day account", there was little he could do to truly screw stuff
> up. Sure, having to log in as an "unsafe" administrator every so often
> to take care of the stuff that needed privileged access was a chore,
> but at least it was secure...
>
> What Microsoft did in XP is IMO completely unfathomable - giving
> J.Random XP installer, and his whole family, administrator privileges
> by default. How many do you think bothered going back and changing the
> access level of the regular user accounts back to User level?
> Especially once XP software routinely started *assuming* it had Admin-
> level privileges? Not too damned many... Thus you had most users
> running "unsafe" accounts, which is pretty insecure.
>
> I truly thought Vista would change things back, but sadly Microsoft
> didn't decide on this - Vista still defaults to making the first user
> an Administrator by default, and software vendors keep assuming
> administrator privileges. Which, coupled with UAC, intended to provide
> "safety" for administrator-level accounts, destroys security. Because
> while users are now "safe" behind UAC access prompts, they can still
> do anything they damned well please, or the apps they allow to run
> because they no longer bother to read the annoying prompts can.
> *Sigh*.
>
> Contrast this with Linux, if you please. On most of the distributions
> I've tried, the administrator account (root) is so powerful, and so
> unsafe (no prompts!) that it takes even the most die-hard wannabe
> poweruser all of one mistake to decide he won't ever want to be logged
> in as "root" if it can be at all avoided; yet that same power is still
> available at the admin's fingertips from whereever just by using the
> su command. Doing it this way means a user must decide in advance to
> want too use enhanced privileges - it's not, as with UAC, a matter of
> reacting to an app that wants something.
>
> IMO, the better solution for windows account security in Vista would
> have been to ditch UAC entirely, and default accounts to user level -
> and putting the administrator account somewhere accessible without
> jumping through hoops... (beyond supplying the password, that is)
>
> You may now all jump on me for posting something has already heard and
> agreed/disagreed with. :-)
>
> SP
>

Reply With Quote
  #5 (permalink)  
Old 03-10-2008
James R. Gentile
 

Posts: n/a
Re: Safety != Security. Seriously.
*Lots* of people are complaining that they have to hit yes/no, there'd be
even more complaints and hate
directed at vista if users had no ability at all to use their poorly written
legacy software or had to enter a password.
Besides, you can enter a 0 length password and just click OK as soon as the
password dialog pops up, how
is that different than yes/no? That's what just about any fool who 'clicks
OK to everything' would do that you claim
is such a big problem (without statistics to prove your point, which
completely doesn't surprise me after years of reading 'complaints' about
MS). I suppose your response would be "then make the password minimum 8
characters" but one shoe does not fit all and people should have a choice in
such things because a lot of them know what they are
doing when they choose no password or to have UAC just present a yes/no. I
agree with MS that this group of people should not be unduly inconvenienced.
IMHO.

<sebastian.palm@myrealbox.com> wrote in message
news:9015f36b-1e7f-4030-ad1e-1d797ae10630@e60g2000hsh.googlegroups.com...
> I've been using Vista for eigh**** months now, (since just after RTM,
> actually), and while I was initially enthused with the new security
> features promised in Vista, I've gotten pretty much disillusioned with
> them. Because I think Microsoft somehow failed to understand something
> terribly fundamental to userdom - the fact that Safety does NOT equal
> Security, in the world of computer users...
>
> In their own way, Windows NT and Windows 2000 were the most secure
> versions of Windows there ever was, with regards to ths operating
> system's security from the average *user*. Provided the operator could
> follow a simple instruction: "Don't use an administrator account as a
> day-to-day account", there was little he could do to truly screw stuff
> up. Sure, having to log in as an "unsafe" administrator every so often
> to take care of the stuff that needed privileged access was a chore,
> but at least it was secure...
>
> What Microsoft did in XP is IMO completely unfathomable - giving
> J.Random XP installer, and his whole family, administrator privileges
> by default. How many do you think bothered going back and changing the
> access level of the regular user accounts back to User level?
> Especially once XP software routinely started *assuming* it had Admin-
> level privileges? Not too damned many... Thus you had most users
> running "unsafe" accounts, which is pretty insecure.
>
> I truly thought Vista would change things back, but sadly Microsoft
> didn't decide on this - Vista still defaults to making the first user
> an Administrator by default, and software vendors keep assuming
> administrator privileges. Which, coupled with UAC, intended to provide
> "safety" for administrator-level accounts, destroys security. Because
> while users are now "safe" behind UAC access prompts, they can still
> do anything they damned well please, or the apps they allow to run
> because they no longer bother to read the annoying prompts can.
> *Sigh*.
>
> Contrast this with Linux, if you please. On most of the distributions
> I've tried, the administrator account (root) is so powerful, and so
> unsafe (no prompts!) that it takes even the most die-hard wannabe
> poweruser all of one mistake to decide he won't ever want to be logged
> in as "root" if it can be at all avoided; yet that same power is still
> available at the admin's fingertips from whereever just by using the
> su command. Doing it this way means a user must decide in advance to
> want too use enhanced privileges - it's not, as with UAC, a matter of
> reacting to an app that wants something.
>
> IMO, the better solution for windows account security in Vista would
> have been to ditch UAC entirely, and default accounts to user level -
> and putting the administrator account somewhere accessible without
> jumping through hoops... (beyond supplying the password, that is)
>
> You may now all jump on me for posting something has already heard and
> agreed/disagreed with. :-)
>
> SP
>


Reply With Quote
  #6 (permalink)  
Old 03-11-2008
Mark
 

Posts: n/a
Re: Safety != Security. Seriously.
I read your post five times and still have no clue what you said.

But, here's my simple comparison:
If a virus scanner asked you for every file it scanned whether it was a
virus or not, would you use this program?

I am of the group that would rather never hear from a firewall, anti-virus
or other protection scheme unless it found something to be concerned about.
It either works, or it doesn't. If it doesn't know how to do it's job
without me answering it every time I want to install a file, then it's
worthless. This is the category of about 90% of the protection schemes out
there. They provide multitudes of messages for two reasons:

1. We don't know how to protect you because it's too hard, so you decide and
relieve us of the responsibility, or
2. Look! We are doing our job, don't you agree... press Continue.

Those that are silent provide about 95% effectiveness and some of them are
free. The other 5% will always be the User. So why waste my time with
prompts that don't protect anything? If you don't practice safe hex, you
probably don't pay attention to the warnings anyway, nor understand them.

Either get rid of them, or force the vendors to comply. The current method
is not forcing compliance, even on x64 machines, and MS is about to make it
easier on them with SP1.



"James R. Gentile" <jrgentile@comcast.net> wrote in message
news:7MudnQfoU7gwWknanZ2dnUVZ_rOqnZ2d@comcast.com. ..
> *Lots* of people are complaining that they have to hit yes/no, there'd be
> even more complaints and hate
> directed at vista if users had no ability at all to use their poorly
> written legacy software or had to enter a password.
> Besides, you can enter a 0 length password and just click OK as soon as
> the password dialog pops up, how
> is that different than yes/no? That's what just about any fool who
> 'clicks OK to everything' would do that you claim
> is such a big problem (without statistics to prove your point, which
> completely doesn't surprise me after years of reading 'complaints' about
> MS). I suppose your response would be "then make the password minimum 8
> characters" but one shoe does not fit all and people should have a choice
> in such things because a lot of them know what they are
> doing when they choose no password or to have UAC just present a yes/no.
> I agree with MS that this group of people should not be unduly
> inconvenienced. IMHO.
>
> <sebastian.palm@myrealbox.com> wrote in message
> news:9015f36b-1e7f-4030-ad1e-1d797ae10630@e60g2000hsh.googlegroups.com...
>> I've been using Vista for eigh**** months now, (since just after RTM,
>> actually), and while I was initially enthused with the new security
>> features promised in Vista, I've gotten pretty much disillusioned with
>> them. Because I think Microsoft somehow failed to understand something
>> terribly fundamental to userdom - the fact that Safety does NOT equal
>> Security, in the world of computer users...
>>
>> In their own way, Windows NT and Windows 2000 were the most secure
>> versions of Windows there ever was, with regards to ths operating
>> system's security from the average *user*. Provided the operator could
>> follow a simple instruction: "Don't use an administrator account as a
>> day-to-day account", there was little he could do to truly screw stuff
>> up. Sure, having to log in as an "unsafe" administrator every so often
>> to take care of the stuff that needed privileged access was a chore,
>> but at least it was secure...
>>
>> What Microsoft did in XP is IMO completely unfathomable - giving
>> J.Random XP installer, and his whole family, administrator privileges
>> by default. How many do you think bothered going back and changing the
>> access level of the regular user accounts back to User level?
>> Especially once XP software routinely started *assuming* it had Admin-
>> level privileges? Not too damned many... Thus you had most users
>> running "unsafe" accounts, which is pretty insecure.
>>
>> I truly thought Vista would change things back, but sadly Microsoft
>> didn't decide on this - Vista still defaults to making the first user
>> an Administrator by default, and software vendors keep assuming
>> administrator privileges. Which, coupled with UAC, intended to provide
>> "safety" for administrator-level accounts, destroys security. Because
>> while users are now "safe" behind UAC access prompts, they can still
>> do anything they damned well please, or the apps they allow to run
>> because they no longer bother to read the annoying prompts can.
>> *Sigh*.
>>
>> Contrast this with Linux, if you please. On most of the distributions
>> I've tried, the administrator account (root) is so powerful, and so
>> unsafe (no prompts!) that it takes even the most die-hard wannabe
>> poweruser all of one mistake to decide he won't ever want to be logged
>> in as "root" if it can be at all avoided; yet that same power is still
>> available at the admin's fingertips from whereever just by using the
>> su command. Doing it this way means a user must decide in advance to
>> want too use enhanced privileges - it's not, as with UAC, a matter of
>> reacting to an app that wants something.
>>
>> IMO, the better solution for windows account security in Vista would
>> have been to ditch UAC entirely, and default accounts to user level -
>> and putting the administrator account somewhere accessible without
>> jumping through hoops... (beyond supplying the password, that is)
>>
>> You may now all jump on me for posting something has already heard and
>> agreed/disagreed with. :-)
>>
>> SP
>>

>


Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Safety warnings Ultimate Manfred microsoft.public.windows.vista.installation setup 1 03-01-2008 17:04
What NASA Won't Tell You About Air Safety Steve General Technology News 0 10-23-2007 21:30
Safety by disclosure Steve Security News 0 09-07-2007 09:40
Security World: Search engine safety study key findings Steve Security News 0 06-12-2007 03:39
Security World: New solution ensures safety of backed-up and archived data Steve Security News 0 05-10-2007 19:26




All times are GMT +1. The time now is 23:27.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120