PC Magazine says UAC "nails rootkits"

PC Magazine has an interesting article PC World - Business Center: Vista's Despised UAC Nails Rootkits, Tests Find

Good to see that UAC has a use!

Snarks

Hi SnarkyTwit,

UAC stops everything from Malware, Virus`s, worms and even the kid nextdoor who "knows everything" I let him use my Admin account and he cant do jack **** thanks to UAC and its password protection.

You just have to know how to use it to your advantage, Microsoft has finally catched up with the rest of the World and competition on user privledge security and I have found UAC to be the best protection offered by any security Software available on Windows or any other platform.

The poeple who complain about UAC are just idiots who know nothing about UAC or how to use it, so its good to see one Story finally giving it some credit where its badly deserved.

Steven

SnarkyTwit said:

PC Magazine has an interesting article PC World - Business Center: Vista's Despised UAC Nails Rootkits, Tests Find

Good to see that UAC has a use!

Snarks

Click to expand...

dmex said:

UAC stops everything from Malware, Virus`s, worms and even the kid nextdoor who "knows everything" I let him use my Admin account and he cant do jack **** thanks to UAC and its password protection.

Click to expand...

Just let me drive your computer as a limited user for few minutes and we'll see

The User Account Control in Windows Vista improves security by reducing application privileges from administrative to standard levels, but UAC has been widely criticized for the nagging alerts it generates. According to one Microsoft executive, the annoyance factor was actually part of the plan.
In a Thursday presentation at RSA 2008 in San Francisco, David Cross, a product unit manager at Microsoft who was part of the team that developed UAC, admitted that Microsoft's strategy with UAC was to irritate users and ISVs in order to get them to change their behavior.
"The reason we put UAC into the platform was to annoy users. I'm serious," said Cross.

Microsoft not only wanted to get users to stop running as administrators, which exacerbates the effects of attacks, but also wanted to convince ISVs to stop building applications that require administrative privileges to install and run, Cross explained.

"We needed to change the ecosystem, and we needed a heavy hammer to do it," Cross said.

I have personally to add that 2 weeks ago there was a conference organized by M$oft to give to the police all over the world some tools in a USB drive allowing to bypass absolutely everything in Vista, including tools to decrypt all files/folders using vista crypting solutions.....
Franckly speaking, vista is not more secure with UAC.... Just something "new" but not upsetting hackers at all.

Hey sidney,

Sure you can use my comp, just no USB, Firewire, Keyboard, CD/DVD, Internet or anything else with external access oh and with severe group policy...Severe!!

I dont see what you could really do with a normal limited user account, I know once you have physical access you can do anything but this kid and myself have yet to find any unknown local root escalation flaws within windows itself or make system-wide changes.....my last count of hacking/cracking software here numbered the thousands and the software I have tested tells me the core parts are protected from remote or program based attacks but not other boot device or CD based attacks.

Microsoft could have just given the Police a copy of BT with its paraphenalia of free security tools but its linux based and I doubt they would do that but the story would be "Microsoft gives cops Linux to crack Windows" Its all just a PR stunt to scare the people who have no idea about PC security (my speciality is pc security) but I know as a fact there is nothing on this planet capable of cracking something like my PGP disk.... Microsoft are forced to include backdoors in all there security software under Federal Export laws or they could never sell Windows overseas.

UACs design was ovious from the start, Make everyone run as unprivledged users so they stop getting the blame from everyone when a virus fcks up the computer or another user intentionaly damages the software, they had to make it prompt the user because there is no way of knowing what software does or doesnt need administrative permission.

BUT (its a biggy)

Microsoft have a plan of dumping UAC and requiring every application to be Signed before even allowing it permission to execute similar to there Singularity OS, the idea is if spyware or malware infects your computer Microsoft can get the certificate revoked and the software effectively banned from Windows, It can also help identify what software actually needs admin access......I have heard they might try this with Windows 7 if enough applications get updated and signed for Vista by then.

(The singularity OS has been over 10 years of development... Microsoft Research Singularity Project)


Steven

sidney1st said:

The User Account Control in Windows Vista improves security by reducing application privileges from administrative to standard levels, but UAC has been widely criticized for the nagging alerts it generates. According to one Microsoft executive, the annoyance factor was actually part of the plan.

In a Thursday presentation at RSA 2008 in San Francisco, David Cross, a product unit manager at Microsoft who was part of the team that developed UAC, admitted that Microsoft's strategy with UAC was to irritate users and ISVs in order to get them to change their behavior. "The reason we put UAC into the platform was to annoy users. I'm serious," said Cross.

Click to expand...

This is old news. I'd be surprised if David B Cross is still employed with Microsoft given such a stupid comment about an OS that Microsoft is trying heavily to boost sales of.

UAC does a lot more than "annoy": User Account Control - Wikipedia, the free encyclopedia