Linked by Thom Holwerda on Thu 5th Mar 2009 13:27 UTC
Windows For Windows 7, Microsoft has made some changes to User Account Control to counter the criticism that UAC was too intrusive. It didn't take long before several holes were poked in Windows 7's default UAC settings, and now one is left to wonder: is it wise to sacrifice security for (perceived?) usability? Ars has an editorial that deals with this question.
Permalink for comment 351944
To read all comments associated with this story, please click here.
I partially agree
by coreyography on Fri 6th Mar 2009 07:51 UTC
coreyography
Member since:
2009-03-06

I don't know that NT is a better kernel than Linux or any other Unix-like OS today. It might have been one of the more advanced _PC_ OSes at the time it came out, though some of my IT buds felt it was a BIG step down from VMS (another little OS that Dave Cutler worked on). I say this because it was quite prone to crashing -- less so than 98, but still too much for an "advanced" OS. It has gotten better up through XP. I don't use Vista, and won't until it goes on a diet, but there may be further stability improvement there.

Not everyone disagrees with you about every user being a normal user. Check out nonadmin.editme.com for a good bit of information about running non-admin on XP.

After looking at that site, and running normal user for awhile on XP, I'm inclined to agree this whole UAC thing is an approach from the wrong direction. Not because UAC is annoying -- it's not, in my brief experience with it -- but because of the extra token and other "fancy footwork" required to revoke privileges, rather than going the other way. That's an opportunity for holes, even if none have been found so far.

In my experience, running normal user in XP is not much more trouble than sudo on Unix/Linux, if any. There are a few issues and workarounds, but nothing insurmountable so far. Microsoft should have cut the cord with NT; it was different enough (from 98) that they could have started introducing this idea then, and avoided a lot of security egg on their faces.

Reply Score: 1