Linked by Thom Holwerda on Thu 5th Mar 2009 13:27 UTC
For Windows 7, Microsoft has made some changes to User Account Control to counter the criticism that UAC was too intrusive. It didn't take long before several holes were poked in Windows 7's default UAC settings, and now one is left to wonder: is it wise to sacrifice security for (perceived?) usability? Ars has an editorial that deals with this question.
Permalink for comment 351843
User Account Control shouldn't be used to grant privileges higher than user. It should be used to control programs that try to execute without the user's consent or programs that try to modify the user's account setting. If a program needs privileges higher than user then an administrator password should be required. Maybe Microsoft can implement the AAC (Administrator Account Control, i.e. sudo) to control privilege granting and leave UAC to do what its name suggests and control the user account and deny unwanted code from executing or changing settings.
In the end it's still up to third-party vendors to make sure that their programs run in user space with user privileges. The UAC should control whether or not a program is allowed to run on the user level, and an administrator password should be required to run a program beyond user privileges, and no user-executed code should be automatically granted privileges beyond user.
Member since:
2008-06-29