Linked by Eugenia Loli on Wed 8th Dec 2004 20:48 UTC, submitted by Nicholas
Editorial I just spent the last several days reading the lengthy essay "Ying and Yang of Security" which explores the origins of security on the personal computer and explains why the current models are outdated. It seems to argue that security systems designed to keep the system safe are relics of the days of mainframes when the system was more important than the user, but for a personal computer the user is more important than the system.
Re: Archangel
by drsmithy on Thu 9th Dec 2004 03:01 UTC

Quite a read, but not a bad article. He did miss a few bits like RPC, which has turned out to be crucial to Windows (in)security.

The big problem wasn't RPC in and of itself, it was (mostly) that RPC ran with unnecessarily high privileges and that it had buffer overflows in the code.

Seriously, a port listening for remote users to execute code on that machine, or one for them to alter the registry? Gonna cause trouble...

These things are enabled in XP Pro because it's meant to be used in corporate environments - they're used for some remote administration tasks.

Certainly, this doesn't justify them being bound to external network adapters in XP home, but IMHO they're justified in having them on by default in XP Pro.

Win+F2 has no effect on here, beyond generating a normal F2 event. Even if it did, it's almost completely useless because it's 60 characters long; nobody's going to seriously type that or anything similar when they want to su.

I suspect he meant Win+R (which is equivalent to Start -> Run), but the command is needlessly long. The equivalent of 'sudo' is 'runas'.

Eg: 'runas /user:Administrator cmd' will open a command prompt as Administrator.

Or just right click an executable or shortcut (or shift-right-click control panel applets) and select "Run As".

Windows would benefit hugely from prompting users to su in the GUI, à la KDE or just about anything else.

As usual, this is a developer issue. The facility exists (and has done for years) for application developers to prompt the user for a password when higher privileges are temporarily required (eg: installation), but few of them use it.
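The two points raised in this comment, services running with more privilege than they need and the lack of an easy "run this one thing as Administrator" habit, can both be checked from PowerShell. The following script is an added example, not code from the original thread or from Microsoft; it assumes Windows PowerShell 5.1 or later on a Windows host. `Get-HighPrivilegeServices` lists running services whose logon account is LocalSystem (the class of over-privileged service the comment criticises RPC for), `Test-IsElevated` reports whether the current session already holds the Administrators role, and `Start-Elevated` is a thin wrapper around `Start-Process -Verb RunAs`, the scriptable counterpart of the "Run As" context-menu entry and the `runas` command mentioned above (on Vista and later this triggers the UAC prompt rather than the XP-era credential dialog).

```powershell
# Added example (not part of the original comment): audit which services run as
# LocalSystem and launch a single tool with elevated rights instead of running
# the whole desktop session as Administrator.

function Get-HighPrivilegeServices {
    param(
        # Logon accounts treated as "high privilege". Win32_Service reports the
        # built-in system account as 'LocalSystem'; the second spelling is kept
        # for services registered under the NT AUTHORITY name.
        [string[]] $PrivilegedAccounts = @('LocalSystem', 'NT AUTHORITY\SYSTEM')
    )
    Get-CimInstance -ClassName Win32_Service |
        Where-Object { $_.State -eq 'Running' -and $_.StartName -in $PrivilegedAccounts } |
        Select-Object Name, DisplayName, StartName, PathName
}

function Test-IsElevated {
    # True when the current token is a member of the Administrators role.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Start-Elevated {
    # Equivalent in spirit to 'runas /user:Administrator <command>': start one
    # process with elevated rights and leave the interactive session unprivileged.
    param(
        [Parameter(Mandatory = $true)] [string] $FilePath,
        [string[]] $ArgumentList = @()
    )
    if ($ArgumentList.Count -gt 0) {
        Start-Process -FilePath $FilePath -ArgumentList $ArgumentList -Verb RunAs
    } else {
        Start-Process -FilePath $FilePath -Verb RunAs
    }
}

# --- usage -----------------------------------------------------------------
$services = Get-HighPrivilegeServices
Write-Host ("{0} running service(s) use a LocalSystem logon account" -f @($services).Count)
$services | Format-Table -AutoSize

if (Test-IsElevated) {
    Write-Host "This session is already elevated; prefer a standard session for daily work."
} else {
    Write-Host "Session is not elevated. Example: Start-Elevated -FilePath cmd.exe"
}
```

Reviewing the `PathName` column of the output is the quick way to spot third-party services that registered themselves as LocalSystem when a dedicated low-privilege service account would have done; those are the modern equivalent of the over-privileged RPC endpoint discussed in the thread.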