Linked by Thom Holwerda on Fri 27th Apr 2007 18:23 UTC, submitted by dylansmrjones
Despite all the anti-malware roadblocks built into Windows Vista, a senior Microsoft official is lowering the security expectations, warning that viruses, password-stealing Trojans and rootkits will continue to thrive as malware authors adapt to the new operating system. "There is no guarantee that malware can't hijack the elevation process or compromise an elevated application," Russinovich said after providing a blow-by-blow description of how UAC works in tandem with Internet Explorer (with Protected Mode) to limit the damage from malicious files. Even in a standard user world, he stressed that malware can still read all the user's data; can still hide with user-mode rootkits; and can still control which applications (anti-virus scanners) the user can access.
So ... Exercise caution
by ma_d on Fri 27th Apr 2007 18:46 UTC

So the lesson is to continue to be cautious with what you do in life because the majority of the other people out there would love to take advantage of your mistakes; and a few of them know how to.

It's always an interesting trade-off with security: convenience versus privacy. The important question will be whether or not the malicious programs will need events that we can clearly blame on the users: For example, visiting "installviruses.com" is not an event we should blame on users. Clicking "ok, install" at "installviruses.com" is an event we should blame on users.

You obviously want programs to be able to easily read your data, otherwise work could get too restrictive to be productive. But not every application: You don't want your browser accessing your drive except through explicit circumstances.

I still believe UAC may be one of the better things Microsoft has tried to do along the lines of Windows security, but I haven't researched it (and may not) enough to know if they've really done a proper job of it.

One thing that seems to be universally missing in UAC systems is a useful method of telling the user exactly which application is requesting the authentication. OS X has an easy way to show it (which they don't actually use) by checking the menu bar. Vista could color the windows associated with that process. Gnome could probably do something similar.

Reply Score: 4