Shock and awe; Windows Vista has been released to the hounds (that would be us). As just about every publication has reiterated a thousand times over it took 5+ years of design and development and cost USD 5.5 billion both directly and indirectly. We were promised (maybe not even promised, but bullshitted) a revolutionary operating system and what we got is for you to determine for yourselves. I personally think it's a disappointment to say the least.
To view parent comment, click here.
To read all comments associated with this story, please click here.
Member since:2005-07-06
Sorry, my fault. So you go to control panel, user accounts, Turn UAC on or off, uncheck the "Use UAC to protect your computer" check box and click ok, then reboot. Oops so it takes 5 clicks, sorry about my poor math.
You also conveniently leave out the need to elevate to do this.
My fault I guess people like Allchin are not as smart as you. They have no clue what they are talking about. You are right, they are wrong.
Show me where Allchin denied the split token architecture. If you can, he's mistaken. If you can't, you're mistaken.
http://technet2.microsoft.com/WindowsVista/en/library/00d04415-2b2f...
"When an administrator logs on, the user is granted two access tokens: a full administrator access token and a "filtered" standard user access token. By default, when a member of the local Administrators group logs on, the administrative Windows privileges are disabled and elevated user rights are removed, resulting in the standard user access token. The standard user access token is then used to launch the desktop (Explorer.exe). Explorer.exe is the parent process from which all other user-initiated processes inherit their access token. As a result, all applications run as a standard user by default unless a user provides consent or credentials to approve an application to use a full administrative access token. Contrasting with this process, when a standard user logs on, only a standard user access token is created. This standard user access token is then used to launch the desktop.
A user that is a member of the Administrators group can now log in, browse the Web, and read e-mail while using a standard user access token. When the administrator needs to perform a task that requires the administrator access token, Windows Vista automatically prompts the user for approval. This prompt is called an elevation prompt, and its behavior can be configured in the Security Policy Editor (secpol.msc) snap-in and with Group Policy. For information about how to adjust UAC Group Policy settings, see the "Configuring UAC Settings" section within this document."
Sorry but Windows is just not more secure then Macs and Linux. All people can keep trying to say is that Windows is more popular and that is why it has more problems. Sorry jack but being popular doesn't make the holes in the code. Poor planning and programing does.
I've not brought up popularity once while refuting your claims, so I don't see why you're trying to. The Mac has zero protections against exploitation of coding errors besides privilege (no image protections, no stack protections, no heap protections), and Linux has fewer protections implemented in common distributions than Vista. Both also have more than their share of security issues in OS and application code, and Apple isn't doing anything to be proactive unlike Windows and *n*x.
Member since:2005-11-10
Just because Windows uses tokens like a slot machine doesnt mean it works. No matter how many times you say it doesn't mean it's secure or security.
When the person who ran the unit that made the product says its not supposed to provide security then I am sure it doesn't! And you can read me the Windows help file 50 times. Sorry but I don't fall for the glossy marketing.
"I've not brought up popularity once while refuting your claims, so I don't see why you're trying to. The Mac has zero protections against exploitation of coding errors besides privilege (no image protections, no stack protections, no heap protections), and Linux has fewer protections implemented in common distributions than Vista. Both also have more than their share of security issues in OS and application code, and Apple isn't doing anything to be proactive unlike Windows and *n*x."
So then why does Windows have sooo many holes that are taken advantage of, most of them critical and Linux and macs dont. Please give me a honest answer. (Since you have not brought up popularity) I would love to see how you gonna give me an answer to this if you don't use the popularity argument!
"You also conveniently leave out the need to elevate to do this."
LOL! I left that out on purpose. My point had nothing to do with rights. My point was the fact that you can turn it off. That is silly. Why would you give users the ability to turn off the most touted feature in your OS. My five year old can turn off the full UAC security in 5 minutes! That is outragous. But it makes sence cause MS does not look at it as a security feature anyway. LOL!
Just face it. Unix type OS's were here WAY before Windows and will be here way after Windows. Unix type machines run the world, most devices use some form or Linux or Unix, most routers, switches, wireless devices! Most firmware. Most webservers, many major companies (Like Amazon and Google) n*x powers the internet. That is just life. n*x OS's have proven their robustness. We are still waiting for Windows to show it's! And if it (Windows) does work now it's about time!
Member since:
2005-11-10
"Show me a Windows machine where you can do the same. You can't disable UAC with the click of a button, even if you're running as Admin"
Sorry, my fault. So you go to control panel, user accounts, Turn UAC on or off, uncheck the "Use UAC to protect your computer" check box and click ok, then reboot. Oops so it takes 5 clicks, sorry about my poor math.
"Maybe you should research this on your own since it's so difficult to comprehend. There are two tokens. One of the tokens is standard user and the other is an admin token. All admin accounts function as standard user accounts (i.e., use the standard user token). When a process requests to run with elevated permissions, the extra privileges from the admin token are used to execute that process. Only that process and children of that process run elevated. Elevation does not add extra privileges to other processes or the environment. Any other existing processes, and new processes you execute still run as standard user unless you specifically choose to elevate them as well"
My fault I guess people like Allchin are not as smart as you. They have no clue what they are talking about. You are right, they are wrong.
"Did you not read the article?
"By creating a malicious package and setting the authorization level to AdminAuthorization in the package, an attacker can modify root-owned files, execute commands as root, or install setuid-root programs without alerting the user that such actions are taking place. The problem is compounded when you consider that over 90% of Mac OS X users run as the administrator user because it's what the default user created by the system is."
No, I am dumb I didn't read it. You got me! NOT. Dude, I read the article but unlike you I am not latched on to a single blog entry from someone who is not an Apple expert! After I read the article, like anyone with half a brain I went and looked to see if what he said could be verified by others! Low and behold not a SINGLE other person verified it. On top of that if you go through and read ALL of the security advisories from the 10 different companies and agencies that wrote on this, not ONE (Including apple) says what this one blog entry says.
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4404
Unlike what I am saying about UAC. Even people in MS verify it. LOL!
Sorry but Windows is just not more secure then Macs and Linux. All people can keep trying to say is that Windows is more popular and that is why it has more problems. Sorry jack but being popular doesn't make the holes in the code. Poor planning and programing does.