Linked by Eugenia Loli on Sat 28th Apr 2007 00:53 UTC, submitted by applesource
Privacy, Security, Encryption Microsoft Australia has defended the company's User Account Control (UAC) system as being "misunderstood" and said it should be the type of technology that all operating systems aspire towards.
Thread beginning with comment 234742
To read all comments associated with this story, please click here.
How About A Change Of Track Record First
by pfsams on Sat 28th Apr 2007 02:44 UTC
pfsams
Member since:
2006-01-05

Microsoft cannot lecture anyone on security until they change their track record on security. Even the six year old XP system has suffered mayhem in the last few years. I realize Vista is supposed to be latest and greatest in security according to Microsoft, but they will have to earn the trust of customers, and they will not do that overnight. I find it appalling that they would attempt to tell other OS'es how to be secure.

Reply Score: 5

jjmckay Member since:
2005-11-11

Look at Windows 2003 and IIS6. Apparently they have done a much better job and *have* changed their track record. Microsoft has learned a lot, the harder way, so they do indeed have things to teach the industry at large.

Here is a revelation to many: Put a few hundred million people in front of computers and a whole lot of them will do really dumb things. Part of the security problem out there is not just MS's fault, but ignorant (not necessarily dumb) users who'll run that iloveyou.exe file. UAC helps mitigate this and so does Vista in warning users that bad things can happen when running unknown/untrusted executables.

The reason unix security works as it does has a lot to do with the fact that it requires much more computer smarts to use and therefor the root user is far more likely to know smart computer use practices. True though, the software for *nix was written knowing better system level access from the start.

The UAC prompts will diminish as 3rd parties catch up with the new model, imo.

Edited 2007-04-28 03:05

Reply Parent Score: 5

Ironhead Haynes Member since:
2006-12-20

people who do really dumb stuff while sitting in front of a computer are better off with linux. if they use a polished linux-distro *now*, they can do everything they need for their digital life, without having to think about iloveyou.exe, don't need to think about trusted or untrusted software. the software is organized in repositories, even digitally signed.

the whole thing about uac is, that it annoys you like hell, but in the end it lets do do every stupid thing you want. this is not security, this is idiotic.

and btw, *who* judges which executable is untrused which trusted?
in the windows world you get your software from all kinds of diffrent channels and directions, how would someone (who does dumb things) know, which exe is trusted in which not?

Reply Parent Score: 3