So I want to take a second to vent. First, I recognize that I work for Microsoft and before the whole Trustworthy Computing thing (which hit it's 5 year anniversary this week) the concept of security and Microsoft was the brunt of several jokes. Not hurting my feelings....we needed those of you in the field to really open our eyes as to what we should have been doing from Square 1....so for that I thank you. I also think we're moving in the right direction, as do many of you.
What makes me angry is when we do what is "right" for the security field as a whole and then get some self-serving "security expert" who gets quoted saying that specific security features are just a "burden to users". Know what else is a burden? Seat belts. Would this same guy be quick to recommend that his kids drive without them? What about airport security checkpoints? I know they're a real drag for me. Maybe we should just have two lines at the airport...one for people who don't mind being screened and an express line for those who do. Of course, I bet if I choose to run this vendor's "security solution", my experience as a user would be near perfect. Funny how that works.
Here's the facts: The User Access Control feature in Windows Vista is absolutely the right thing to do keep users from being their own worst enemies, by running with administrative rights, when it's not required by the task. Of course, you need to determine if the risk of turning the UAC off is less of a hassle than rebuilding a corrupted network. Totally up to you. Don't forget (like this gentleman failed to mention) you do have the ability to set the level of user interaction with UAC through nine separate options in Group Policy. The Windows Vista Security Guide explains where to make that change.
The screen shot on the left shows the option for someone with admin rights. The other is for those who run as standard users without admin rights:
If you got any more questions about UAC please check out the UAC team blog....and always wear your seat belt.
Jeff has an uncanny ability to dig into details that most folks gloss over: Exposed? : Examining Secunia
I've worked with Kai directly for a number of years. He doesn't get all riled up easily. But he does
I was attending my son's swim meet last night (Go Wayzata !). They happened to be taking on my old school
As a long time MacOS X user, I don't find UAC to be more annoying than it is in OS X for normal business tasks. For power admin tasks, it comes up in both systems, with OS X also asking for admin rights for system updates.
I truly believe that a system like OS X su-ing and Vistas UAC is the best moderate approach to handle security controls.
What I would like would like to see would be a kind of "Help" or info link FROM the elevation dialog. Ideally, this would not use the windows help system but build on the Secure Desktop to promote a box that indicates:
- Who signed the executable, if any
- Is it a Microsoft OS bundled executable or a later installed component either from Microsoft or other vendors?
- More information about how people should make educated choices.
But DO NOT COMPROMISE on UAC!
Keep up the good work to make Vista a more secure platform, and kudos for bundling NFS services with Vista. Now its even easier to network with MacOS X and Solaris.
Again, please correct me if this recent report seems to be a bit self-serving. The jist of this report