“Way back in November 2006, when Windows Vista went from beta to RTM, Microsoft’s Jim Allchin suggested that users might not need an antivirus program, thanks to the new OS’s stronger security features. While the statement was subsequently clarified until it lost all its meaning, the question remains: Do Vista users really need an antivirus program running in the background at all times?”
From the article, you don’t need an AV as long as you don’t execute any file type. Does this mean on XP you don’t need an AV either? I mean you don’t have UAC on XP, but as long as you don’t execute questionable files you should be as safe as if you had an AV. I use NOD32 and I have never had an AV alert over the last few years.
There are still IE vulnerabilities. Not every exploit raises a warning message. Most of them are stealthy and use 0days. Often they {temporarily or not} disable any AV or firewall implementation. Hence there are professional exploit kits being sold on the net that even have an update facility.
http://www.symantec.com/enterprise/security_response/weblog/2007/05…
In addition exploit auction sites do exist where you can buy and sell them.
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14…
The fact that you haven’t had a single AV alert doesn’t necessarily mean you haven’t been infected at some point.
That probably won’t work with Vista since IE uses protected mode. But I’m not sure.
The point of an exploit is that it breaks expected functionality. For example a Virus getting admin rights on a WinXP standard user. IE Protected mode is an extra barrier of protection that should stop drive-by-downloads, but an exploit that breaks the protected mode may be found one day.
What I do for customers who’ve had their machines heavily infected before is install Firefox, AdBlock, SiteAdvisor, AVG & Spybot/Defender and that seems to cover most vectors, leaving only social engineering / 0days.
Security is definitely about layers – including Anti Virus even if nothing might get that far. I would use AV on my Mac, but I’ve found that AV apps on Mac are of poor quality, and I can manage fine with my knowledge of the system since I don’t have 140’000 different viruses to think about, only one or two that may crop up at some point.
What do those links have to do with Vista and/or IE on Vista?
…and view questionable websites and read questionable e-mails, etc.
The truth is people do and will continue to do so.
Besides, it’s not always easy to tell which programs are safe and which are not. Yes, a little intelligence and a lot of common sense goes a long way, but the people who write these exploits are not stupid either.
The problem is, sometimes you don’t need to do anything to get a virus. It has happened before on an unpatched system. No open windows, nothing but the desktop on screen so you get the virus by simply being connected to the net. This rarely happens of course but as long as the system is patched, you should be fine without an AV on XP. I used to have no AV for 6/7 years. I recently started using NOD32 even though I trust what I download, “just in case” I want to scan the file.
The problem with UAC is that it hurts advanced users. As the article says, you can’t protect someone from himself. Why? Well, even though they get prompted with a warning not to run this file, most ignorant users will just click “Allow” anyway…
Edited 2007-07-19 11:17
Summary:
UAC may be super annoying but it can stop just about any program from installing making it an excellent security tool. It’s so good that it could remove the need for an antivirus. Unfortunately, Joe User is really stupid and odds are he’ll ignore the UAC messages and install the virus anyway.
Conclusion: The average user needs an antivirus because they are too ignorant to get along without one.
I think it really sums up the plight of the average user. They don’t understand their computer, which makes them easy victims. They don’t want to understand their computer, which ensures that they continue to be easy victims. Therefore they need an antivirus program to clean up the messes they make.
Personally I’d rather fix computer systems of friends and family when they get hit by the odd piece of nasty annoying adware than constantly ‘check up’ on their PC because Norton Shitority Suite 2015 and all the other RAM and I/O hungry gunk they have installed is making it run like muck. And I’m sure I’d be doing it less frequently too.
I have a friend with a beautiful £1k Core2/XP/2GB system which I recently had to wipe and reinstall because it was blue screening, and just generally running worse doing desktop tasks than my old Pentium II. It saddens me to see someone spend so much money on a system, for me to build it, install all they need and to see it fly, only to see the same desktop 3 months later with 17 system tray icons and the whole thing running like shit. The last thing he needed was resident AV.
On the Windows platform, the boundaries between viruses, spy- and adware and just bad, bloaty software with system-wide negative effects are smearing, and AV doesn’t help.
Yeah it would be nice, now wouldn’t it?
Users actually paying attention…
I mean it sounds like a great idea to me, or more like utopia *sigh*
People will either turn the damn thing off, or click “OK” every time.
I mean, in XP, by default (right after you install) you get asked whether or not you want to execute something you’ve just downloaded. Doesn’t stop anybody, or any virus…
Oh well….
How do you get along treating people like that? They did not buy their machines to run some woodo shiite but to fulfill a specific need. Do you think it’s all right if salami crawls out of your fridge at night and eats your money just because you didn’t buy and read the required 7 books about having a salami?
Every story has two sides and moronic developers / industry is the other side of this one.
I agree, and “computer is no toaster, so if you want a toaster, buy yourself a toaster” is the other side of the equation.
Now, users should be educated, computers are not appliances, even though majority are trying to treat them as such.
In today’s world, this leads to DDoS attacks (or should I say “attack of the clones”) and other nasty things.
So, relying solely on users for security is unfeasible today, as people continue to click “or download me and I will infect you” e-mail links, click on “OK” in UAC (it’s very annoying, UAC that is) and do the rest of their day-to-day activities.
So, firewall, antivirus, spam scanners, are all a must in a Windows world (some are a must everywhere).
Oh well…
Users actually paying attention…
I mean it sounds like a great idea to me, or more like utopia
I see it as job security more than a burden 😉
True.
I admit, it is frustrating that the same people go to the same online poker/porn/download site and get the same junk like they don’t remember what happened the last 8 times they did, but I sure do like the money, so go naive! What’s a little harder to explain is when they notice most of the lag in their system comes from the software that they spent 90 dollars on that promised to free them of this worry *cough* NAV *cough*.
It’s amazing how fast a computer runs when you know enough about what you’re doing to finally rid yourself of resident scanners. Best bet is to disable the resident and just run the on-access once or twice a week, or use the built-in scheduler to make it happen when you know you won’t be around. OR use Linux and relax. But to be honest I’ve yet to see a virus on my Windows machine in many, many years; common sense and an interest in knowing what your system is up to goes a VERY long way.
But that doesn’t really get to the source of the problem. The problem isn’t ignorance – we were all ignorant at one point in time about computers. The issue is what we did (versus what they didn’t do) to address that problem.
Unfortunately ignorance is part of a bigger social issue in the world – look around. Society in general praises ignorance, as if it were something to be proud of – who gets more kudos, a ‘book reading geek’ or some muscle bound athlete who is as thick as two short planks?
Until people are willing to see that knowledge is a good thing to have, and learning for the sake of learning (rather than a job) is a great thing to promote, we’ll continue to have ignorant people who think they can get away with the bare minimum to be able to operate a computer effectively.
The thing is that Joe User shouldn’t be installing stuff on a computer. He doesn’t have the skills required so he shouldn’t be doing it.
In the same way, Joe User shouldn’t be cooking unless he knows about food poisoning and how to prevent it.
The problem is that the IT industry, in trying to sell its products, promotes the idea that ‘anyone can do it’ and ‘no learning necessary’. No other industry does that to the extent that the IT industry does.
We created the ‘idiot user’, we brought this on ourselves and now we have to deal with it.
I agree with a lot of what you say, but be careful who you call ‘we’. I was much happier when only geeks (generally speaking) used computers, and I’m certainly not guilty of peddling the computer life to non-geeks. I’m not being elitist, it was just ‘better times’ back then.
“We created the ‘idiot user’, we brought this on ourselves and now we have to deal with it.”
Here is another one!
“UAC may be super annoying but it can stop just about any program from installing making it an excellent security tool. It’s so good that it could remove the need for an antivirus. Unfortunately, Joe User is really stupid and odds are he’ll ignore the UAC messages and install the virus anyway.”
I love when PC know-it-alls talk about how stupid and ignorant “Joe user” is. Like they were never THAT guy! You arrogant PC dorks need to show some modesty and humility and stop acting like you are so f’n special because you can point and click better than the next guy! WE ALL started as Joe User!
In my experience, the dorks that act like this around less experienced computer people are the ones that really don’t know their ass from a hole in the ground!!!!
Hi! Welcome to osnews.
The difference between Joe User and the “PC know-it-all” is that there are many, MANY people who refuse to learn, or do not wish to learn, and thus stay in their ignorant little blissful world, going to all the porn sites on IE, and opening up all the attachments from their spam inbox.
The “PC know-it-all” isn’t whom you are thinking of. You are thinking of the people who format more than once a year. A true “PC know-it-all” usually doesn’t format their systems, usually controls large corporate networks, and usually isn’t biased towards any operating system, and can use the big 3 equally as well.
By your logic, Le Mans drivers should never be able to complain about people who are bad drivers, because they all started as average drivers.
“Until a user learns enough not to open attachments or peruse other avenues that often lead to infection” Or being forced to go online as admin because punkbuster wants to.
Browser: Links (1.00pre12; Linux 2.6.21.5-ph-grsec i686; 157×54) (Debian pkg 0.99+1.00pre12-1.1)
Please stop posting that stupid little signature.
Why should they? Seems like you get annoyed easily.
The final conclusion is that the best weapon against malware is common sense and education. No matter how many antivirus/antispyware/antiphishing tools someone might write for you, you must know how to use a computer.
It’s a shame that most users have absolutely no idea about what the hell they are doing while opening that “funny” 6 MB GIF their friend “SuppaPrizes1546” just sent them.
If I understand it correctly UAC only prevents system wide infection. If malware tries to install itself only in the homedirectory of the user UAC would not be much of a help. Just like a limited user account on XP or Mac or Linux …
Just like a limited user account on XP or Mac or Linux …
Except on Mac OS X and Linux systems you are in control if you want, quite easily.
On Linux you could patch the kernel with grsecurity and, for example, activate a lot of protection until you have a healthy mix of security and usability. For example you could set the group IDs for “no sockets allowed”, “no server sockets allowed”, “no client sockets allowed” and “trusted path”. Trusted path, for example, refuses to run anything that isn’t run from a proper install directory.
eg:
-rwx------ 1 pharmsen pharmsen 6661 2007-07-17 17:30 3
pharmsen@cornucopia:~$ ./3
bash: ./3: Permission denied
pharmsen@cornucopia:~$ chmod +x 3
pharmsen@cornucopia:~$ ./3
bash: ./3: Permission denied
My mother, for example, probably never will compile and run her own programs, and neither will a lot of other general users.
Once you have set the group IDs you can populate them with KUser or ‘GNOME Users and Groups’.
Adding root to the “no socks” group would prevent apt or any app run as root from connecting to the net. There’s perhaps no direct need for the “man” (manual) user to have a network connection. Neither does the average user account have to run server applications, so you could add your user account to the “no server” group just to prevent the average user from running them altogether.
In my opinion the problem with UAC is it gives the average user too much to handle. Instead, a general default policy after the initial install of Vista would save a lot of users the nasty and perhaps obsolete questions and might benefit security a little more. Power users can still tweak the settings until the system is rendered useless :-)
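The trusted-path rule sketched in the comment above, and the earlier point that a limited account does not stop malware from settling into the user’s own home directory, as an added example that is not part of any comment here nor grsecurity’s own code: a Python model of a trusted-path-execution (TPE) check plus a small demo that reproduces the `./3` denial from the listing. The policy modelled (the binary’s containing directory must be owned by a trusted uid and must not be group- or world-writable, and the file’s own mode is irrelevant) is an assumption based on the comment’s description, not grsecurity’s implementation. The directory layout the demo builds is constructed, and the demo treats the current uid as the trusted owner so it runs unprivileged; a real deployment would list only uid 0.

```python
import os
import stat
import tempfile
from dataclasses import dataclass


@dataclass
class TpeVerdict:
    allowed: bool
    reason: str


def check_trusted_path(exe_path, trusted_uids=(0,)):
    """Model of a trusted-path-execution policy (assumption: follows the
    comment's description, not grsecurity's real code).

    Execution is allowed only if the directory holding the binary is owned
    by a trusted uid and is not writable by group or others.  The file's own
    mode is ignored on purpose: as the chmod +x transcript shows, a user
    making a file executable must not be enough to get it run.
    """
    real = os.path.realpath(exe_path)      # follow symlinks: judge the real location
    directory = os.path.dirname(real)
    try:
        st = os.stat(directory)
    except FileNotFoundError:
        return TpeVerdict(False, f"directory does not exist: {directory}")
    if st.st_uid not in trusted_uids:
        return TpeVerdict(False, f"{directory} is owned by uid {st.st_uid}, not a trusted uid")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        return TpeVerdict(False, f"{directory} is group- or world-writable")
    return TpeVerdict(True, f"{directory} is trusted and not writable by others")


def demo(root=None):
    """Build a constructed directory layout and apply the policy to each file.

    Returns {label: allowed}.  The current uid stands in for the trusted
    owner so the demo runs without root (an assumption for the demo only).
    """
    root = root or tempfile.mkdtemp(prefix="tpe-demo-")
    me = os.getuid()

    # A "system" install directory: trusted owner, mode 0755, like /usr/bin.
    sysbin = os.path.join(root, "usr", "bin")
    os.makedirs(sysbin)
    os.chmod(sysbin, 0o755)
    tool = os.path.join(sysbin, "tool")

    # A home directory where the user, or malware running as that user, can
    # drop files.  Made group/world writable so the writability test fires
    # even though the demo's owner is also its "trusted" uid.
    home = os.path.join(root, "home", "pharmsen")
    os.makedirs(home)
    os.chmod(home, 0o777)
    three = os.path.join(home, "3")

    for path in (tool, three):
        with open(path, "w") as fh:
            fh.write("#!/bin/sh\necho hello\n")
        os.chmod(path, 0o700)   # -rwx------ as in the listing above

    results = {
        "usr/bin/tool": check_trusted_path(tool, trusted_uids=(me,)).allowed,
        "home/pharmsen/3": check_trusted_path(three, trusted_uids=(me,)).allowed,
    }
    # chmod +x on the file changes nothing: the verdict depends on the directory.
    os.chmod(three, 0o755)
    results["home/pharmsen/3 after chmod +x"] = check_trusted_path(three, trusted_uids=(me,)).allowed
    # A symlink placed in the trusted directory is resolved before judging.
    link = os.path.join(sysbin, "3-link")
    os.symlink(three, link)
    results["usr/bin/3-link -> home/3"] = check_trusted_path(link, trusted_uids=(me,)).allowed
    return results


if __name__ == "__main__":
    for label, allowed in demo().items():
        print(f"{'allowed' if allowed else 'denied':8} {label}")
```

Running the block prints one verdict per file: the tool under `usr/bin` is allowed, while `home/pharmsen/3` is denied before and after `chmod +x`, and the symlink dropped into the trusted directory is denied too because the check resolves it to the home directory first.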
What language are you speaking, man?
What language are you speaking, man?
Native Dutch, I know my English sucks 🙂
I’ve been using Vista for a few months without any AV software. Then again, prior to Vista I ran Windows 2003 on my desktop with AV software, but I kept the software disabled. Even before Vista I always used a normal user account for everyday tasks, and used Run as to do Administrative functions, so, as the article states, sensible computing goes a very long way here.
Microsoft didn’t invent the concept of using a normal user to perform everyday tasks—UNIX has been doing this for quite a long time—but they might have invented the concept of using an Administrative or equivalent account to perform everyday tasks (and I wonder if they’ve patented this). The “nice” thing about all of this that the “monopoly OS of today” finally respects normal user accounts; I’ve always felt computers and the Internet were too dangerous for the average person to use and Vista might, finally, make some inroads here.
I’ve been virus free for many years now, but I do agree that I’m taking a bit of a risk here and might reconsider. Then again, my BSD box has never had an AV software on it…
Edited 2007-07-17 15:19
“but they might have invented the concept of using an Administrative or equivalent account to perform everyday tasks (and I wonder if they’ve patented this). ”
this has been around for decades if not more. it’s called sudo. All the Linux distributions I have used log you in as a normal user, and when you need to do something as root, it will prompt you to enter a password, and then you run the particular program as the root account, or you can also manually run the program as root.
Patents are dumb
and in XP/2000 you have this too. it’s called runas.exe and people should be made aware of it. really.. use it. it’s not hard. right-click (sometimes with shift or ctrl) also shows the runas if you are a normal user.
nt has a very good security mechanism (although a bit complex), but due to the insane defaults windows is extremely insecure. windows can be better protected than unix (using acl, rules for executing programs etc etc) but because this is also a lot more complex and has bad default values nobody does it. and as a result windows is more insecure in practice.
no sh%t I was responding to the fact that the previous post said Microsoft invented it, and they have/should file a patent, which would be completely ridiculous (but they probably have filed a patent for it, and got it). Microsoft never comes up with anything original, they just copy ideas off of other people.
It’s amusing how, no matter what technology people speak of, Unix retroactively did it first.
No, he’s just talking about this particular thing.
That is not the same as logging in as administrator or equivalent in Windows. With sudo, the user is given administrative rights after providing proof that they are who they say they are; when running as administrator in Windows, whatever happens, happens: no prompts, no hassles, no security.
Why is OneCare available for Vista?
I agree Microsoft finally did the right thing in Vista by using user accounts. I am not sure how much it will really help though. The problem remains that with so many people using one OS (>90%) they are just too big of a target. It wouldn’t matter if the OS was 100% bulletproof. The black hats would hit the systems in their weakest point…the user. I am not going to say what others have about “dumb users”. While most readers of OSNews are technically savvy, most computer users these days know just enough about their computers to send e-mails. If they get something that looks like it comes from Microsoft and says “critical” with flashing backgrounds and warning of dire warnings of NOT clicking the little “yes” box, guess what they are going to do. I am not a Microsoft fan, but how do you protect against this kind of thing? Social engineering is hard to beat.
very true. a good closing sentence.
Yes
There is a billion dollar industry in the exploitation of users. There is also a billion dollar industry in security software.
Neither of these is going to disappear overnight, as much as Microsoft would like that.
Actually, it is a symbiotic relationship. I don’t think Microsoft wants 3rd-party ISVs to go away. It is the strength of the Windows platform (from a marketing standpoint) that there is so much software out there that runs on Windows. They want to always encourage ISVs, and they have provided great development tools for them to create Windows-only software. That is why Microsoft walks a fine line. They often want to make products in new software channels (e.g., security software), and yet for the sake of Windows platform dominance, they must not crush all competitors. It’s a tricky business.
I think the point he was trying to make was that, in a perfect world, no company would try to bilk users by installing spyware/malware on their machines, and thus there would be neither an exploitation industry nor a security industry.
You’re right about that – like I said to a mate a few days ago, if an alternative platform like Solaris had equal hardware support and availability of software of Windows, no one would be running Windows. People are wedded to Windows by virtue of the applications they need and hardware they use.
You’re right about that fine line; they can make their operating system as secure as possible, but security software will be needed; if they fail to provide it they’re slammed, if they provide it they’re slammed for trying to kill off competition (whilst these detractors completely ignore the fact that the end user must actually choose to purchase the software – but never let facts get in the way of a good anti-Microsoft rant).
Microsoft has to walk the fine line of implementing security and maintaining backwards compatibility; if they implement it and break compatibility they’re slammed, if they maintain backwards compatibility they have to make compromises.
I think people here need to realise that it’s a whole lot more complex – what I do hope is that with virtualisation, the ability to have a more secure desktop will be possible.
While many users consider UAC an annoyance, it could be a godsend in the fight to keep computers malware-free. Viruses, Trojans, worms, and spyware often come in the form of email attachments, and while knowledgeable users know not to launch executables that come in via email from unknown sources, plenty of less security savvy users get tricked every day.
I particularly like this piece because to me it highlights some of the real problems with computer security. The first problem is that software companies are pushing security back onto the user. The second problem is the average user (who makes up the majority of computer users) isn’t really computer literate to begin with.
Almost all of the computer users I know don’t read warning boxes if they repeat themselves too many times. At some point you just start clicking OK. Relying on the end user to be the deciding factor on security isn’t a really good idea in my opinion. I don’t know any better way, but this way simply can’t be the best way.
Relying on the end user to be the deciding factor on security isn’t a really good idea in my opinion. I don’t know any better way, but this way simply can’t be the best way.
It seems like at the moment MS is walking a tight rope between past installations (user has privileges to unwittingly infect/destroy his system) and Vista (user has to first agree to unwittingly infect/destroy his system).
The next logical step in my mind would be: user has privileges to do nothing but access/read user applications and update his own workspace. Application and system updates can only occur via a secure channel in a special system mode.
That would go a long way in preventing self-inflicted pain. Not sure if users would accept that (or pay for it) though.
edit: clarified.
Edited 2007-07-17 16:56
The real problem is how Windows apps were created for YEARS. Applications have had free rein of the computer, and were essentially running in “God mode”. This was despite the fact that Microsoft for years has been pushing developers to use user profile directories (C:\Documents and Settings\user\…). I used to write a lot of applications that assumed they could write to the application directory. Things like this are unheard of in the Unixish world. These things are hard to change. Vista and UAC just point this out. Hopefully, applications will start following the rules and these dialogs should decrease in number. In a worst-case scenario though, people just turn UAC off. I’ve even read articles where this is the suggested course of action. No! No! No! The only chance Windows has to be even a little secure is for people to run in limited-access accounts like people have been doing in the Unixish world for years. Otherwise, abandon all hope ye who enter the Winders world!
The only chance Windows has to be even a little secure is for people to run in limited-access accounts like people have been doing in the Unixish world for years. Otherwise, abandon all hope ye who enter the Winders world!
Once again relying on the end user to do the right thing.
It’s not just Microsoft though. When I first purchased ZoneAlarm it hardly ever asked me for anything. Before I ceased use of it I was getting pop-up after pop-up. At some point I just started ignoring them and hitting OK, like so many others. The only difference between me and the average user is that I am much more careful about where I surf and what programs I install, but that doesn’t mean I’m safe.
As others have pointed out the truly weakest link in computer security is the end user. Relying on them to do the right thing is just a bad idea.
Couldn’t agree more. Microsoft’s “we’ll nag you to avoid running cr@p” style of system protection is madness.
It’s like your mother whinging on at you that if you keep climbing trees you’ll keep falling off. Her whinging never stopped me climbing trees (and neither did the falling off lol). The only thing that stopped me was the bulldozers that ripped the trees up to build new houses.
You do realise that a good number of Microsoft applications, such as Visual Studio, are not ‘limited user’ compliant.
I find it funny when Microsoft is angry about compatibility issues between applications and their operating system, and yet, they do very little to ensure that when they ship their operating system their own software actually works as it should.
The problem is that they made compromises in Windows 2000 (which was meant to be the replacement for the 9x line) and Windows XP; they refused to put their foot down and say, “this is the bar, get your applications to this standard – we won’t compromise our product quality for your compatibility”.
“You do realise that a good number of Microsoft applications, such as Visual Studio, are not ‘limited user’ compliant. ”
This is not true, I run Visual Studio 2002 and 2005 as a limited user every day, there is nothing to it. The only thing I had to do was when doing web development, I had to define the url in the .NET configuration as trusted. Any other MS apps that need Admin (some tools do) you use runas.
Given that 2002 isn’t supported by Microsoft and 2005 just recently received an update which corrected issues with UAC, what I said is true – SP1 for Visual studio was released 30/06/2007
Also, look through http://connect.microsoft.com/VisualStudio/content/content.aspx?Cont… at the number of bugs related to Windows Vista.
Oh, and when you run something like ‘run as’ it is a failure; if your application needs to have administration privileges, there is something *very* wrong.
“Oh, and when you run something like ‘run as’ it is a failure; if your application needs to have administration privileges, there is something *very* wrong.”
so you think that running something like Services or Computer Management shouldn’t need Admin rights to run? Are you insane? what’s the point of locking down a system, only to have system management tools and utilities run as that normal user? Using runas is no different than sudo when doing admin tasks from a normal user account.
“Given that 2002 isn’t supported by Microsoft and 2005 just recently received an update which corrected issues with UAC, what I said is true – SP1 for Visual studio was released 30/06/2007”
uh, we were talking about limited users, you did not specify VISTA UAC. You said:
“You do realise that a good number of Microsoft applications, such as Visual Studio, are not ‘limited user’ compliant. ”
which is not correct. UAC is also the system of alerting the user to what is trying to run, and elevating them to allow them to continue or cancel the task. Limited users existed long before Vista.
Visual Studio 2005 works fine as a limited user on XP; SP1 deals with Vista, not with problems running it as a limited user, but running it with UAC.
Microsoft did not think of the correct approach, methinks. They tried to imitate Unix, with user/administrator accounts, home folders etc. That would not work, and it hasn’t worked, as Vista proves.
What Microsoft should have done is to virtualize the O/S for each user, i.e. applications should be able to see the whole O/S, but in reality each user would have his own version of the O/S, not affecting the other users. Files would be shared by all users, until modified, i.e. use the copy-on-write technique on files, so as that each user maintains his own consistent view of the operating system.
Start->Shutdown
This kills the cause of virus/spams/trojan/worms/spyware/or whatever you think it is.
Well I have an antivirus application (ClamWinAV) but there is no ‘on access’ scanner yet and even if there was I would not run it.
If I suspect a virus I run the program manually, or it can be scheduled to check all files at night when I’m asleep.
On Access virus scanners running at all times are only needed if you download tons of questionable stuff like software cracks all day or you have meatheads for friends who send you all sorts of trojans on accident.
…or your firewall doesn’t work correctly, or it has holes, or you don’t realise that your web browser has exploit issues, or…
..or your firewall doesn’t work correctly, or it has holes, or you don’t realise that your web browser has exploit issues, or…
Install a hardware router, double check to make sure nothing is in the DMZ and run an alternate browser like Firefox. You can have quite a safe and clean experience on windows with that combo.
You can buy into all the FUD and load up on anti-virus, software firewalls, malware scanners etc. etc and attempt to have a nice time while your once fast machine grinds to a halt.
You know, common sense is one of these things that users could really use some more of.
I wonder if an article about the habits of secure computer users would be a good article for OSNews? Just print it out and hand it to Ma or Pa User whenever they ask why their computer doesn’t work.
I wonder if an article about the habits of secure computer users would be a good article for OSNews?
They should stage a security TV competition show where the best user/box tandems in terms of efficiency (defined as usability divided by efforts) are rewarded some nice prizes.
And I’ll be there with my eCS box.
… naive somehow. No question, the author is right when he claims that the best protection for your computer is NOT TO RUN MALWARE on it. Sadly this isn’t reality, nor is it practicable. Let’s have a look at a common home desktop used by, let’s say, my mother and some kind of fantasy little sister:
Everybody knows how much garbage, little games and stuff are in the spotlight of interest of these two actors. I’d give an unprotected Windows computer less than a week until it is infected with at least one piece of malware.
UAC and Windows Defender are nice tools to prevent programs from running with admin rights. But they don’t prevent any ID-theft Trojans, which use the Internet Explorer API to call back home to steal your cookies, your Thunderbird/Firefox/IE passwords/saved forms and so on. They can easily place themselves in %APPDIR% of the logged-in user and steal only its information. Believe me, most victims will find the malware on their own; malware doesn’t have to infect any user on a desktop PC, the user will do it…
Just my 2 cents.
Regards
Patrick
“But they don’t prevent any ID-Theft Trojans, which use the Internet Explorer API to call back home to steal your cookies, your Thunderbird/Firefox/IE Passwords/Saved Forms and so on.”
No, that’s what IE protected mode is for. Vista security is not all UAC you know.
>>If you read enthusiast message boards, you often see the more boastful users assert that they’ve been running Windows XP for four years without an antivirus program and without contracting a virus, simply by avoiding illicit software and email attachments.
That would be me. I might add that you also have to avoid using USB Flash drives that have been connected to other Windows systems. If you’re in that situation, open the drive first in Linux and delete the crapware that other people’s computers invariably copy to it, then it’s clean for Windows XP.
Windows is a security nightmare, but if you use your head you won’t get infected. And if you don’t use your common sense, no software program in the world will protect you from all the threats.
Have the IE core removed (nLite/XPlite) and the services that use the internet, enter DNS manually,
use HijackThis and Process Explorer, surf with K-Meleon (a browser not many use, thus exploiting interest hasn’t risen against it yet).
So here I am with a 350 MB WinXP not using automatic updates or anything; the only thing that uses the internet is my web browser and some torrent apps.
No viruses that can’t be easily removed.
surf with K-Meleon (a browser not many use, thus exploiting interest hasn’t risen against it yet)
I hate to disappoint you but K-Meleon uses the Mozilla rendering engine 🙂
I know it’s kinda like Firefox but lighter, meaning not that feature-packed: fewer features, fewer exploits.
Every single software installer that uses MSI (Microsoft Installer) prompts you with the UAC prompt. Several people “in the know” in the computer security scene see this is a design flaw. Microsoft admits it was a choice of functionality over security.
http://blogs.zdnet.com/security/?p=29
One can argue that it is due to the lack of a fine-grained implementation of UAC; in the case of the installer, the only rights granted to the installer should be just to “Program Files” and nothing more. If it needs to write to the Windows directory or anything else, quite frankly, it’s a piece of junk written by a terrible programmer who can’t follow basic security conventions.
“believes UAC has a major flaw in the way it automatically assumes that all setup programs (application installers) should be run with administrator privileges.”
“very severe hole in the design of UAC.”
Oh, horseshit. It may not be the best design choice in the history of computing, but in no damn way is it a severe hole.
Who are the “several people” btw?
Note that I don’t use Windows, but I sure as hell trust Mark Russinovich more on Windows topics than random “hackers”. It would be nice if the media didn’t buy into the myth of “hackers” being superior in skill to, you know, actual professionals.
I guess all of this served her purpose though, which is undeniably to get attention.
Edited 2007-07-18 04:15 UTC
“Note that I don’t use Windows, but I sure as hell trust Mark Russinovich more on Windows topics than random “hackers”. It would be nice if the media didn’t buy into the myth of “hackers” being superior in skill to, you know, actual professionals.
I guess all of this served her purpose though, which is undeniably to get attention.”
Ever heard the name Bruce Schneier?[1] He’s like, you know, a real professional. He’s written a few books like “Applied Cryptography”, which is to this day the bible on PKI and cryptography. Oh yeah, he is the CTO of Counterpane, a “professional” computer security company. Bruce is pretty much THE authority on cryptography and many aspects of computer security.
How about Ollie Whitehouse of Symantec’s security team?[2] He found a separate problem with UAC that is similar, regarding .cpl files instead of installer files (like Bruce). Both of these guys are “professionals” by my standards and not just random hackers, as you like to put it. Oh look, another paper about UAC exploits[3]. Do you still think I’m lying here? Don’t tell someone what they are saying is, quote, “horseshit”, when you have no proof of that.
http://www.schneier.com/blog/archives/2007/02/uac_security_ho.html [1]
http://www.symantec.com/enterprise/security_response/weblog/2007/02… [2]
http://geekswithblogs.net/robp/archive/2007/05/26/112779.aspx [3]
Edit:
Mark Russinovich knows the windows internals and how to reverse engineer things very well. SysInternals software is great. That doesn’t mean that he is an expert in computer security. Bruce’s books are used in computer science programs at colleges…
Edited 2007-07-18 05:05
Wow gee, thanks I really had no idea who Schneier was…
Where does he agree it’s a serious problem? All he says is that someone made a bad decision. Bad decision != catastrophe.
Oh yes, Symantec. I sure do have a lot of respect for them… well, maybe I would have had if they hadn’t completely ruined Norton’s good name. Oh yeah, and he doesn’t say or agree that it’s a very serious security issue either, only that it’s an issue and not such a good design decision.
Perhaps you should have originally linked to these more balanced and thought out articles instead of the fearmongering zdnet one.
“How about Ollie Whitehouse of Symantec’s security team”
Symantec is a bunch of vultures, living off the misery of others, I wouldn’t trust his viewpoints, considering that Symantec is one of the companies that fought against patchguard, one of the stronger Security improvements MS made to Vista.
LOL. Best Buy is selling Vista toasters, err, laptops, with antivirus. Wonder why?
http://www.bestbuy.com/site/olspage.jsp?type=category&id=pcmcat1245…
Vista 64 in particular has a lot of security features besides UAC, such as randomised address space (makes it very hard for malware to insert itself into memory), an improved firewall, kernel patch protection (might be removed in SP1 to placate third party anti-virus makers) and requiring signed device drivers (makes rootkits unlikely).
Also, being a 64 bit OS, a lot of code just won’t work anyway (16 bit code won’t run at all), which is a bit of added protection, at least until 64 bit operating systems become more of a target.
You could definitely get away with not using antivirus software on Vista 64 if you are careful about what executables you allow to run.
Of course, Vista 64 Ultimate has its own compatibility issues that mean it might not be suitable for everyone, and a price tag that might put a few people off, so YMMV.
…I attended regarding application security (I’m a developer) the instructor (whose presentation was on a mac) espoused Vista as being the most secure and locked down operating system available today.
Mac OS X and Linux (apparently some generic distro) had well over twice the vulnerabilities. He also praised Microsoft’s dedication to securing their operating system.
Locking down or disabling a feature may reduce the surface area for attack but it doesn’t make it secure. It is like saying this; if you wear a helmet when riding a bike, stay on the correct side of the road, signal when going around corners – you’ll be safer, it doesn’t mean, however, that you won’t get hit by a car.
Yes, there are vulnerabilities within Linux, Solaris etc. (just like any other operating system); the difference is how they are addressed, whether the issue is actually addressed in a timely manner rather than taking months (WMF vulnerability in Windows, circa last year) for a patch/update to appear.
This so-called ‘expert’ also ignores the security features within Linux for example – if he is going to cheerlead for Microsoft, may I suggest that this individual actually have a clue about what he is talking about when comparing his chosen opiate to the competition.
Well, I only mention what he said. Hey, I am a linux/BSD/OS X user. What surprised me is he was a Mac user himself. But he seems to feel that MS did a great job locking down a lot of vulnerabilities [with the OS but also more with IE 7].
I’m sure Microsoft has improved, but at the same time, I wouldn’t say they’re better than Linux or *NIX in general unless the individual came up with some definitive evidence to back it up.
He simply had a graph and spoke briefly about it (I don’t even remember exactly what category of security he was talking about, OS I think) and the graph might be in the book of slides I have from the seminar… the only problem is the book is 500 pages and I am a lazy fat bastard (to quote Howie Carr).
@Kaiwai
Well after all, thinking is hard work.
I’m reminded of Arthur Dent:
“What happens if I press this switch?”
Ford Prefect: “I wouldn’t.”
Arthur: “Oh, a sign lit up saying ‘Please Don’t Press this button again!'”
Sometimes the computer has to be made smarter than the User. Unfortunately, Microsoft Windows takes such hand holding to an extreme.
does exist in Windows XP and you can still implement it on Vista; the account type will be “User” while the admin will be using the account type “Administrator”.
Using Administrator under Windows XP and going online without SP2 is like going naked in a wind tunnel.
SP2 of XP improved security a lot; then came the disastrous administrator account, which is assigned to almost every new account. But by applying the limited user account on XP you will open the doors of hell: most applications won’t install or work, a lot of permission issues, a lot of runas commands and a lot of headache, which probably equals switching to a new OS of the Linux/Unix type.
So… came Vista, which created a locked version of the Administrator type of account to keep applications happy while just annoying the computer users with the OK icons of UAC, which, if you look at its advantages, would justify the annoyances of UAC.
WXP + SP2 + Limited user account = enough security (if you can manage the administrative issues that will pop up for you)
Vista + Administrator + UAC = enough security (if you can manage to survive UAC’s epileptic flashes)
If all of the above is not enough, then switch to a Mac if you are a user and to Linux if you are a su –
Limited User Accounts in XP aren’t a particularly good solution, if for no other reason than application developers write software with the expectation that each user is going to be using an Administrator level account.
Case in point:
At work, there are two groups – one group has admin rights to everything, one group has user rights. We, on occasion, like to play games. One of the LUA people wasn’t able to install a game on the system, so I ran in and installed that. Further he wasn’t able to even RUN the game as a regular user – so I had to change his account type.
This is absurd. Practically speaking, LUA is unacceptable from an end-user perspective. Maybe in a normal corporate environment where people do nothing but run basic business applications, but an end user actually using their computer is going to pretty quickly ignore the limited account and move to a more feature-rich and usable Admin one. Security be damned.
Theoretically, yeah, LUA is good. Realistically it’s not doable.
“if for no other reason than application developers write software with the expectation that each user is going to be using an Administrator level account.”
Won’t this be exactly the same if you run these apps on Vista?
LUA is great in practice when the developers design and implement their software correctly. Isn’t that what most Unix’ish software (Linux included) does, is work within the confines of the LUA as much as possible?
There’s a funny property about software on Windows that’s written with the LUA in mind: it is least probable that there would ever be DLL Hell on an older NT system if you installed it there (presuming it didn’t use newer features), because it wouldn’t be writing to places it can’t as a LUA process, since any DLLs used are first retrieved from the local path of the application before going into system paths.
In practice, most software has absolutely no need of Administrator rights to run, regardless of OS. This is where you need to pester the developers of the software you wish to run to get their act together.
Note: I’m speaking as someone who has developed for several platforms, with Win32 being the one I’ve spent the most years professionally on.
“Further he wasn’t able to even RUN the game as a regular user – so I had to change his account type.”
Before jumping to administrator account, you may try “runas”.
How?
Right-click the executable that represents the game (not the shortcut), then choose “Run as” and fill in the popup with the user name “Administrator” and the password.
This might fail if the executable depends on another executable that must also run with administrative privileges; 25% of the games I ran had this issue, which I also fixed with other methods.
AV needs to exist….end of story. Why do we allow the proliferation of such crap as to waste time reopening a statement that was flawed at the onset.
In summary: Jim Allchin, and every other MS shill (Ballmer and Gates included) should just keep their f’ing mouths shut. Accept the fact that their flagship OS is about as secure as a piece of Saran-Wrap and go with it. Running your mouth about how “we don’t need no stinking anti-virus” isn’t going to make that smoldering pile of dogs**t, called Vista, sell any more than it already is.
Until the OS can think for itself, anti-virus is a fact of life no matter what OS you use, or what you do with the PC on or offline. Any effort to prove the contrary is wasted and meaningless.
I don’t bother with Anti-virus in XP or Vista. Never had an issue.
Do I use a virus checker on my Vista Ultimate? No. But then I am behind NAT with my wireless router.
Since switching to Fedora 7 i’ve forgotten what virii do …