Vista's UAC Nails Rootkits!

Tests showing UAC very effective against rootkits, also testing mainstream programs against each other good read! http://www.pcworld.com/businesscent...s_despised_uac_nails_rootkits_tests_find.html

 

at least we know that vista is not just eye candy

 

I appreciate the security, but it would be nice if you could override it for startup apps that require admin control.

 

i agree. im glad that there is proof that uac works, hopefully it will change peoples opinion on turning uac off

 

no i still find it too annoying to leave on, nevermind the benefits.
unless you're a huge torrent downloader just forget it

 

UAC is a pain in the rear when setting up a computer, but after that it is usually fine. I don't really like Vista, but UAC isn't all that bad...

 

You can by using the built in Task Scheduler.

 

What if you have 45 starting apps?
UAC is fine for me, but I wish it`d remember the ones that I use.
Then again,what if those are hacked or infected? ...

 

This is not "proof that UAC works". That is impossible to prove.
It is however proof that it doesn't fail completely.

As far as "UAC works" goes, this is only an example of one particular situation where UAC works. That is not proof that it "always" works.

As for the claim that "UAC detects rootkits", it's not that simple.
UAC detects when you try to do something you don't have sufficient privileges to do, yes. So did XP.

As far as I know, XP, or Win2k for that matter, would refuse to install a rootkit as well, if you're not logged in as administrator. Anyone care to prove that one wrong? This may come as a shock to some of you, but all Windows NT-based products (2k and XP in particular, but older ones as well) have always had a pretty comprehensive security model.
They've always been able to enforce limited permissions on a user account.
It's just that no one *used* those. But *if* you did, it'd "detect" when you tried to do something you didn't have permission to just as well as Vista does.
All that's new in Vista on this front is that it performs this check even on admin accounts.

As for Vista's miraculous rootkit-detection, there's a bit of a difference between "detecting a rootkit", and "asking for permission to proceed" though.

Saying "A piece of software requires admin privileges to continue" is fine, it's a decent start, but it doesn't say that the software in question is harmful, or specifically that it is a rootkit. A user is pretty likely to click 'ok' to this prompt when it can't be more specific than that.

So claiming that UAC "spots rootkits" is a bit silly. It's technically correct, in the same sense that switching off your computer will keep it safe from viruses. Technically true, but pretty useless, and only as a side effect of what's *really* going on.

 

Create a batch file that runs the 45 apps and start that as admin at startup using Task Scheduler.

 

Your Right , I was going to add something along the lines of "...only if the user knows how to respond to the prompt or actually pays attention to it instead of clicking OK just to "make it go away"" but I was typing from a phone that doesn't have a QWERTY keyboard, and it gets tedious sometimes

 

Alot of UAC users have the habit of clicking YES to all the UAC prompts without actually looking at what their clicking yes too.

Microsoft has already confessed that UAC was a ploy to annoy users so program developers would create more secure programs.

I turned it off because i find it useless and a waste of time

 

I agree that the biggest flaw with UAC is that somebody gets so into the habit of clicking yes that they dont even read what it is.

Still tho this would not effect me, I know when I am going to be running a program that will prompt me to click yes, it doesnt slow me down even more than a second. If I ever went to go open a new folder tho and suddenly I get a prompt for no reason, you better bet I am not just clicking yes without looking because I know that I should have not gotten a prompt.

However I would have not been smart enough maybe to notice the "new folder" was not a folder that I or my wife accidentally created.

Why do I say this as an example? Well not on my PC but one of the work pc's the other day I ran a full virus scan and it found a major virus and it was saved as new folder.exe, ingenious! somebody could have easily clicked that fake folder to run the virus including myself, UAC for sure tho would have kept me from running that virus if it was on my computer.

 

UAC is useful on multi-user/profile computers. It stops noobs (like my mum) from destroying the computer