Why is everyone so enamoured by all this "PROTECTION" in your OS, like it's a virtual condom or something? UAC makes me wonder and everyone that says you "NEED" it.
In all my decades of computing, I have run into probably TWO instances that could have ever been deemed as "SECURITY RISKS". Both of those were caught by a freeware virus scanner or firewall that on a daily basis were non-invasive and pretty transparent while performing my daily tasks.
Not only that, like most of us here, you do mundane tasks with your PC that nobody even cares about. I play games, do my personal finances, store my MP3's, play movies, and store my digital photos. I don't do confidential government work, and surely back up all my critical data to a separate external hard drive on a regular basis.
What are you being protected from? I fully understand corporations with sensitive data, or if you open your connection as a server to the internet and have sensitive data accessible on the same PC, which is a dumb idea to begin with.
So tell me what are you protecting yourself from in Vista that caused you issues with XP or 98 or 95???
To me it's like driving a tank to work for that 0.0001% off chance a big rig truck might bump into me.
-
Obviously smart web browsing habits are good.
UAC is useless for those of us who may be more tech savvy but for the average user, it may prevent some random malware from running on the computer. -
-
That's my point. So many people tout increased security as a major improvement with Vista. But anyone I have challenged to this point can never provide me an instance with any previous OS where it mattered. Or even know what "better security" means. That part of the MS marketing worked beautifully.
I think UAC makes complete sense for a business environment, but should only exist in the Business or Ultimate versions of Vista. A much more streamlined and transparent version should exist in Basic and Home Premium. -
The linux people make fun of windows because of its lack of security.
-
You were able to make a post on this forum. This means you have the requirements to use a computer. Most people don't. The UAC is there to protect them, not you as you know much more about computers than "normal" people.
As you have enough requirements to use a computer, why don't you just get the real admin account? More info here: http://www.neowin.net/forum/index.php?showtopic=537806. No more nags or privilege required! -
UAC is Windows finally catching up to proper user permissions, and it's basically a hack around programs that require Administrator (root) permissions, pausing them to ask the user whether or not the program should be allowed to run.
Basically, programs should NOT run as root if they can at all help it. It's just bad design, because a bug in Firefox or IE or Google Earth or whatever now means that if you go to the wrong site, your whole machine is now pwned. If you are just a normal user running the browser, it won't have the ability to get its hooks deep into the system.
It's called the Principle of Least Privilege. Same reasoning that not everyone is allowed to be a Police Officer. Some people need to have those extra powers (in a social and legal sense), but not everyone, and it could be quite bad if some people did. -
Linux has a UAC type deal but much better. Every time you try to make a change or do a certain function it asks for a log in.
-
And on Linux it doesn't seem to be so annoying.
-
The Fire Snake Notebook Virtuoso
I agree with you, I think the whole security marketing with Vista is a bunch of BS. Microsoft still doesn't understand the difference between a root user and a normal user and that you shouldn't give full access to all files by default.
That's why they came up with UAC. This is the reverse of what is done in Unix/Linux.
No system is perfect, but it's like MS stuff is programmed by a bunch of people who are computer science dropouts.
I read an article a while back when Vista was very new, that MS wasn't going to give the internal details of its Kernel to the big vendors who make security products that run on windows - Symantec, McAfee etc. Many of these security companies were very upset with MS since they couldn't guarantee complete protection to their customers. Not sure if things have changed now, but if they haven't then security with Vista could be worse than XP. -
The difference is that it's not the default in Windows. Can you imagine if it were? With all the endless whining there is now about one-click privilege escalation being so onerous, if Windows users had to actually enter a password by default each time they needed privileges? We'd really never hear the end of it.
Another difference is that Ubuntu, I believe, is also set up by default to have a timeout period... so once you approve an escalation, it does all requested escalations automatically without prompting for the next 10 minutes or whatever it's set to. However, Linux kind of "gets away" with this because it's not a big malware target. If Windows did this, it would be exploited to death. All an app really has to do is sit quietly in the background, wait for the user to approve any escalation for anything, and then launch whatever malicious stuff it wants with root privileges.
EDIT: Here's a page that describes the potential type of exploit I was talking about: http://www.securityfocus.com/archive/1/395107/2005-04-03/2005-04-09/0
The page is about OS X, but Linux should be pretty much the same. Even if the /var/log/system.log thing is or has been fixed, there are still other ways to make an educated guess about whether escalation has been granted recently (such as by using the ps command, for example).
But I guess this wasn't intended as a Linux vs. Windows security setup thread... so sorry about that. I just wanted to point out that tradeoffs are made everywhere and it's not worth assuming that anything Linux does is necessarily better or would work well on Windows, given the differences in the user base, software base, and the popularity of the OSes. -
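The grace period discussed in the post above is governed by sudo's `timestamp_timeout` and `timestamp_type` settings in sudoers. The following Python audit is an added example, not part of the thread: it reads unscoped `Defaults` lines and reports whether a cached approval can be reused. The function names and the sample sudoers text are constructed for illustration, and `#include` files and scoped `Defaults` entries are not followed.

```python
import re

# Constructed sample sudoers text for the example; not from a real system.
SAMPLE_SUDOERS = """\
Defaults env_reset, timestamp_timeout=15   # long grace period
Defaults timestamp_type=global
Defaults:backup timestamp_timeout=0        # scoped entry, ignored below
%admin ALL=(ALL) ALL
"""

# sudo's documented upstream default in minutes; distributions may override it.
UPSTREAM_DEFAULT_MINUTES = 5.0


def global_defaults(text):
    """Collect settings from unscoped 'Defaults' lines; later lines win."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        match = re.match(r"Defaults\s+(.+)$", line)
        if not match:                            # rules and scoped Defaults
            continue
        for item in match.group(1).split(","):
            item = item.strip()
            if "=" in item:
                key, value = item.split("=", 1)
                settings[key.strip()] = value.strip().strip('"')
            elif item.startswith("!"):
                settings[item[1:].strip()] = False
            elif item:
                settings[item] = True
    return settings


def audit_ticket_reuse(text):
    """Return (timeout_minutes, timestamp_type, findings) for sudoers text."""
    settings = global_defaults(text)
    timeout = float(settings.get("timestamp_timeout", UPSTREAM_DEFAULT_MINUTES))
    # Assumption: recent sudo versions default to per-terminal ("tty") tickets.
    ticket_scope = settings.get("timestamp_type", "tty")
    findings = []
    if timeout < 0:
        findings.append("cached approval never expires")
    elif timeout > 0:
        findings.append(f"cached approval is reused for {timeout:g} minutes")
    if timeout != 0 and ticket_scope == "global":
        findings.append("one approval covers every session of the user")
    return timeout, ticket_scope, findings


if __name__ == "__main__":
    for label, text in (("sample", SAMPLE_SUDOERS),
                        ("hardened", "Defaults timestamp_timeout=0\n")):
        print(label, audit_ticket_reuse(text))
```

Setting `timestamp_timeout=0` makes sudo prompt on every invocation, which removes the window the post describes at the cost of more prompts.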
ScuderiaConchiglia NBR Vaio Team Curmudgeon
For years the industry has bashed Microsoft for minimizing the security in Windows. Legions of Linux fanboys have wagged a finger at Microsoft for running every user app with administrator access as the default.
Well, now MS has listened. We have the same sort of security other operating systems have had. I am not 100% happy with the implementation of UAC, but I fully understand its need. A need that is really more prevalent in the home environment than in business. With folks' kids surfing all manner of websites, some of which encourage the kids to download the latest widget and at the same time install malware turning the machine into a part of a vast army of zombie machines under the control of organized crime syndicates here and overseas. These are the same machines mom and dad are balancing the checkbook on, or trading stocks on E-Trade. Scary stuff, no?
Yes, safe surfing is a good idea. Is it enough, hell no.
Gary -
ScuderiaConchiglia NBR Vaio Team Curmudgeon
Ah but you are so wrong. They do understand it NOW. The problem is the thousands of programmers out there who didn't or don't. Those programmers who wrote code assuming that the app had full admin rights. UAC is the answer to THOSE programmers and applications.
From day one Unix and its derivatives have had the principle of least privilege so there has never been a need for a UAC. Until the legacy of Windows apps is wiped away a UAC will be a necessity.
Gary -
Yeah, UAC's present implementation is transitional to some extent. (That's not a reason to turn it off though... it's still leaps and bounds better than nothing.) They had to deal with a world where lots of apps require admin privileges even though they really shouldn't need to. And yes, they had to make UAC at least a little annoying when running apps that need privileges, or else developers would never get around to fixing their stuff. The app situation has improved as a result, and I expect that there could be a few changes in Windows 7 as a result of that.
-
I understand what you're saying, but to be targeted and find that specific file, and have the resources to decrypt and break the password, then they've already spent more resources than what they can garner from my personal finances. Not only that, I don't keep account information on my PC, so if they want to see me balancing my checkbook, have at it, as they celebrate how they're going to spend that $50 left in my checking account. -
Putting in account numbers etc. is a big no-no. -
-
That's what insurance is for, to protect your personal property.
UAC really is a good idea, because it forces application developers to write their programs correctly, rather than assuming their applications have full control of the computer. It may be an annoyance now, but it should happen less and less going forward. The blame lies both on Microsoft for never actually requiring proper behavior until now (though they've recommended it since Windows NT), and on developers for making applications stupidly assume they have free rein of the computer. Once that shakes out, it will make Windows a much more viable option for secure computing in the enterprise. Note that that's a link to an MSDN blog. -
It's just that no one does. And no one would use such an app if it existed... or they'd just fix the program if it's open source.
I attribute the difference to a few factors:
- Most *nix software is either free and not very economically motivated (at least for some of the contributors), or extremely expensive (like Oracle) and reviewed/installed/operated by people who really know what they're doing. So in the first case, you have volunteers fixing your crappy code for free, and in the other case, you have customers that know better and won't put up with crap. A lot of Windows software (Intuit, Adobe stuff, etc., and especially specialty software) has none of that, and is driven by business priorities and sold to technically less sophisticated users.
- *nix has a more sophisticated userbase in general... about 1% or less of computer users and it tends to be techies. So they will know crap when they see it and not want to run it.
- *nix just doesn't have a history of everyone running things as root... in other words, it doesn't have the Windows 3.x/9x baggage. (*nix has its own baggage, but it's more arcane than insecure... sed, awk, vi, etc.) -
I meant requiring as in actually enforcing permissions. Under Linux, the program just won't run unless you use the permission escalation or log in as root, neither of which is common with default *nix installs. Since most *nix installs had users as, well, users, programs were designed to store settings local to the user, run without needing system-level access except at install, and so on. Under Windows, programs could assume that they would run with admin privileges all the time until UAC came along and the defaults started setting users up as users in Windows, rather than administrators.
But that was a lot more words than "requiring" -
Which gets to my point, has this ever happened, or have you ever thwarted off this threat or know of anyone that has? I have never had this issue. Again, it's that 0.001% protection. The annoyance isn't worth it. -
The thing is, with lots of those programs, you don't know if you've been hit. Antivirus programs can only protect against threats they've got signatures for, so you better hope you aren't hit with any zero-day programs. UAC prevents those things from running in the first place, and the more it's rolled out, the less effective those malware programs will be. I recommend that everyone use it, and if UAC prompts keep coming up because of badly written programs, get rid of the programs and get applications which behave themselves. It only takes getting hit once to start realizing how unprotected you actually are. Being ****y and dismissive about it only increases the likelihood.
If you don't want to use it, feel free. But the fact that so many of those programs exist seems to indicate that yes, they do work. It's like saying "Only 0.001% of people in the US have AIDS, I don't need to worry about protecting against it" (and I looked it up... that is the actual percentage). -
-
I'd hardly relate AIDS with PC Malware. One threatens your life, the other is just an annoyance. And unless UAC prevents pretty much all malware, then I'd be convinced. But it still doesn't change the fact that UAC is poorly designed and implemented and an annoyance.
Sure maybe Windows applications may not have been coded "properly" but is that enough reason to annoy the end user repeatedly? I want to be alerted of true threats not anything that could remotely be considered a threat. It's like zero thought went into developing some form of intelligence for it. -
-
If you're looking for something to decide for you what to run and what not to run, UAC is just not a tool for that... just like Excel is not a tool for making music. UAC just sets most programs to run with standard privileges, and requires you to approve anything that runs with admin privileges. That's all. -
UAC is not perfect, but it IS a step in the right direction.
For everyone claiming you are too smart to use UAC, you just told everyone how easy a target you are. (get out the neon "please hack me" sign)
Vista computers in my network have 100% repelled the last two virus attacks.
These were brand new viruses that none of the corporate or even desktop antivirus packages could stop.
Why? Because most users did not even have the power to let this virus run, and the ones who did had a real problem letting XJh1dg.exe run.
The XP users? XP just executed in Admin mode without asking anything. (and bypassed into Admin mode using a bug when they didn't have it)
This is even with corporate antivirus running, even with security software running.
100%.... that's right not one of the 30 stations with Vista was infected.
Not ONE.
The vast majority of the XP stations were infected. (over 100)
(antivirus told us something was weird, but couldn't stop it in most cases)
Now you ask why you would care?
These are security holes which allow remote users to use your computer and execute code. You don't care that someone else is controlling YOUR PC?
Isn't your time, your property, and your privacy worth something to you?
If someone you didn't know and who didn't ask borrowed your car and brought it back in more-or-less same condition would you care? (I would)
While your PC may be currently malware free... what about that night when you have had a few beers and do something silly... what about when you let your friend/girlfriend/roommate/wife use the network?
Smart people use every protection they have even when they don't know they need it.
The Internet is the equivalent of walking through the alleys in a big city in the worst part of town. You better believe I'll be wearing the best protection I have any time I do so.
You want to ignore the advice of people who know what they are talking about and walk through that part of town without precaution or with minimal precaution? It's your neck... and your CPU cycles.
I can't tell you how many of my "smart" friends have gotten in a real bind because they didn't bring their "A" game when they thought they were safe. -
-
That's why there is something called "heuristic" detection that can detect viruses that are not in the database.
And yes, UAC is useful to protect general users but you just have enough at the end if you are a power user and just disable it or something else. -
Heuristics are not perfect. Actually, they're often wrong. UAC is good for ALL users. Not only general users. A power user is almost always someone who knows just enough to get themselves in trouble, but thinks that they know more.
UAC prevents applications from running with administrator privileges without your knowledge. And that's it. If you have a program that requires administrator privileges and it's not a system tool of some sort, you have a badly designed application, and you should put it back on the shelf. -
I troubleshoot people's PC/Mac problems as a small side job sometimes for extra cash. Doing so makes me realize how ignorant so many people are about computers. Sometimes it's beyond ignorance, some people are just plain idiots. I personally think UAC saves many people who are ignorant about computers & the web from heartache. And like Pitabred mentioned, it also helps the ones who think they know it all.
-
I wouldn't say UAC is good for all users. Dumb users like my own father (no he's not dumb, just a layuser) would get frustrated with it. It doesn't explain what's going on. It's just another dialog box that he'll call me at 10pm at night on to ask what he needs to do, and what it means, and why it seems so threatening.
If you've ever dealt with a layuser, or talked to one (or several) about it, and ask them about UAC they either say "what's that?" or once you explain it they typically just say they click OK because they want whatever it is they're doing to run. They don't know what the hell is going on.
But back to my original question and point which I don't believe was answered: What threats are we protecting ourselves from that weren't there with WinXP or 2000 or 98 or 95 that caused your PC trauma? For me, and my last 15+ years of computing and dealing with the internet, nothing. Or perhaps the simple firewalls (software or hardware) and anti-virus I've used over the years were doing their job transparently.
Again, I did state that UAC is a good thing, and for the right environment, mainly business, but for most home users, it's more of a nuisance than help at this point in time.
Thanks for everyone's input on the matter though as I do respect everyone here, and know most of you have as much if not more experience with PC's and networking than I do.
BTW LIVEFRMNYC - love the photo of GWB. I think the bunny is more qualified to run the country. Good riddance is right! -
Also, in my opinion, you really must be searching for viruses to catch one. I left my computer without any antivirus or protection for 6 months doing my usual browsing. After 6 months, I installed NOD32 and it didn't detect any virus. To execute your malicious software, you must first double-click on it then click run on the security warning. If you already allow this application to run, why wouldn't you the second time when UAC asks you?
-
There's a way to make UAC less annoying, turning off the black background it uses when it appears.
After doing that, I don't find it annoying at all. -
UAC works for me. It's a minor inconvenience but will save my system if ever I do get a rogue program. For ordinary people who browse the web and likes to 'clik' on pop-ups and enticing ads will benefit from UAC. If all of the sudden the UAC pops up and I'm not actively loading a program then at least it'll give you a warning that something is trying to install itself. Vista is a fine OS and I don't understand why 100% of the time LINUX & APPLE OS comes up in the discussion.. wassup with that?
-
Do not click on exe files? Do not click on many things.
For 10+ years no anti virus? 2 years anti virus non caught? Stupid is stupid does?
Can't save some from themselves?
Edit: Sad to say some with issues spend too much time on adult sites. -
-
Yeah those ads were funny at first but now it's irritating. Hope it goes the way of the Dell guy and 'where's the beef' ads.. into oblivion! LOL
-
Someone PLEASE Explain Why All This REQUIRED Security? (UAC Especially)
Discussion in 'Windows OS and Software' started by HTWingNut, Aug 27, 2008.