Sable Lowell
Gallente
   |
Posted - 2007.03.17 20:42:00 -
[2]
 Originally by: Claude Leon
Originally by: Redwolf
Tried turning off UAC?
This something that you don't want to do.
Originally by: Regat Kozovv
Originally by: Sable Lowell
That security hole exists in XP, but how many home users do you see that have a problem with it? Vista has some really neat security features, but most of them are not necessary for the majority of home users.
I think UAC is sorta misunderstood.
The reasoning behind UAC is not to patch a security hole per-se, but to provide a sort of "speed bump" whenever administrator privladges are invoked. In XP, most users run with full admin rights, which also meant that most programs excuted with the rights of that user. This lead to alot of malware and exploits compramising the machine, which they wouldn't have been able to do had they been running with the permissions of a normal user account.
In an ideal scenario, users would run with only the permissions required to perform their tasks, and only invoke higher rights as needed. This concept has been present in UNIX and later Linux for a long time, as users are encouraged to run with ordinary accounts and invoke "root" only as needed. For a variety of reasons, this never took off with XP. (Mainly for ease of use concerns, I believe.)
UAC was implimented as a kind of compramise to allow users to run with admin rights, but warn them whenever those privladges were being invoked without their intent, such as ActiveX or Java applications executing in the background or applications piggy-backing along with downloads. You would then have the option to cancel it's execution, whereas in XP it would simply run.
This is geared more towards home users actually, though most seem to blow by them or opt to disable them. To MSs credit, they spent alot of time testing this feature and try to avoid this scenario, while providing as much protection as possible. From the things I've heard, they're just as unsure about it as some end-users are.
Personally, I've convinced of it's usefulness. Soon after Supreme Commander was released, a patch came out. I played for a week pre-patch, then installed the patch. Suddenly I noticed that a "Sony SecurROM Installer" was trying to run every time I started the game. I got the UAC prompt, and canceled it's execution. Luckly the game still starts fine. but I suspect under XP this would have ran without my knowladge. No rootkits for me, thanks! =D
Basically, it will run like XP. How many people will benefit from the UAC currently? If the UAC was such a big deal, then they would have implemented it as a security fix in XP, it is very easy too.
According to MS representatives (This was told to me at a trade show my work sent me to) the major function of the UAC is to make users think that Vista is ultra secure. While it is way more secure, most home users are not going to benefit from it.
So it's basically a good idea, but was not implemented in Xp because it was not very necessary, it was included in Vista as another sales pitch.
|