Printed from http://www.electronista.com

Microsoft: UAC the future of every OS

updated 04:45 pm EDT, Tue May 1, 2007

Microsoft on UAC Future

The controversial User Account Control security guard in Windows Vista should be integrated with every OS, a Microsoft executive said today. The company's chief security advisor in Australia, Peter Watson, made the remark when discussing protection with a developer news site. The executive contended that the fundamental idea behind process, which is meant to trap viruses and spyware by asking permission before running potentially risky tasks, is an essential component that emphasizes the user's own responsibility.

"There has been a lot of misunderstanding in the market around User Account Control," Watson said. "If you look at it from an architectural direction User Account Control is a great idea and strategically a direction that all operating systems and all technologies should be heading down."

The comment has triggered frustrated reactions from some, who note that Microsoft's claim is neither original nor ideal. The basic principle of explicit permission even when running as administrator has been present since UNIX and has found its way into spin-offs such as Mac OS X and Linux, either of which requires a password-protected superuser command, known as a "sudo" for automated installs and other hands-off code that could expose the system to attack.

"The fact is that Microsoft is late to the party with their Microsoftized version of sudo," Ars Technica's Ken Fisher said. "That's really what UAC is, after all: sudo with a fancy display mechanism (to make it hard to spoof) and extra monitoring to pick up on 'suspicious' behavior."

Fisher also drew attention to the sheer abundance of prompts that occur with UAC, which can irritate both casual users whose day-to-day use is interrpted as well as experienced users who might "freak out" at having to repeatedly authenticate for small commands even when logged in as full administrators. UNIX variants are typically more hesitant to trigger password prompts and will sometimes let comfortable users force a permanent superuser mode that escapes prompts altogether.

While not responding directly to the columnist, Watson readily admitted that the abundance of prompts in Microsoft's implementation could potentially numb less knowledgeable users by discouraging them from reading and understanding potentially serious messages.

"The problem you can never get around is if the user is just going to sit there and blindly hit the Enter key," he said.

Apple infamously made light of this last problem with its "Security" TV ad.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. vasic

    Fresh-Faced Recruit

    Joined: May 2005

    0

    hilarious

    Yes, every time I sit before Vista, i begin to laugh hard about 15 seconds into it, when I get 'Windows is trying to run a program, winword.exe; cancel or allow' type of message. Before my first encounter with Vista, the 'Vista Security' commercial was amusing. After playing with Vista for an hour or two, it's down-right side-splitting hilarious. Sure enough, whenever a prompt pops up, all I can see is a guy with dark glasses and an earpiece, saying 'Mac is issuing a salutation: cancel or allow'!

    Mr. Watson, just like many other MS soldiers, is just doing his duty. Trying as hard as he can to spin. Critical mass is moving in the other direction, though, and people are recognising Vista for what it is - pretty shell around Fisher Price XP.

  1. eldarkus

    Fresh-Faced Recruit

    Joined: Feb 2004

    0

    umm...

    "...is a great idea and strategically a direction that all operating systems and all technologies should be heading down."

    And what other operating systems should be 'heading down this way' if Unix and OS X are already using it??

  1. hayesk

    Professional Poster

    Joined: Sep 1999

    0

    Unhelpful dialogue boxes

    Fisher is right on the money here. Not only are the UAC confirmations too numerous and for mundane tasks, they are completely unintelligible. If you look at the Details for most of these confirmations, you are usually presented with something like "0A45B-CF43A" - how is that supposed to help you make an informed security decision.

    The trade-off between security and convenience is wrong in Vista. They clearly don't understand or care to understand usability.

  1. brainiac_7

    Fresh-Faced Recruit

    Joined: Jun 2005

    0

    typical

    That MS should come late, badger folks to do as they do, then offer up a tool with no thought for the average user is a microcosm of the whole MS experience.

    "Apple infamously made light of this last problem..." I believe "infamous" would be more appropriate for Vista than for Apple's ad.

  1. HombrePhaty

    Fresh-Faced Recruit

    Joined: Oct 2003

    0

    I DO enjoy quotes from MS

    ...if it's not Bill Gates saying, "512k is all the computing power anyone will ever need" or "the internet is a fad", then it's Ballmer making wild predictions about the iPhone or threatening to kill someone.

    Somebody should make a page dedicated to the amusing/chilling quotes that come out of Microsoft. I would regularly visit such a page.

  1. makesense

    Fresh-Faced Recruit

    Joined: Feb 2007

    0

    winword, allow?

    none of my macs (bootcamp) or pc machines require an OK to run Word, or any other Office product, or any other installed program; to install a new program, yes...just like OSX (which requires password as well)

  1. Sabon

    Fresh-Faced Recruit

    Joined: Mar 2005

    0

    deleted

    deleted

  1. Sabon

    Fresh-Faced Recruit

    Joined: Mar 2005

    0

    winword, allow?

    The issue is that Vista asks WAY too many more times and about things that are not about security items but plain ordinary items. It prompts so often that people ended up turning the nag screens off. Microsoft does drink too much of their own cool-aid. Bombastic Ballmer would be funny if he wasn't so insanely crazy.

  1. Sabon

    Fresh-Faced Recruit

    Joined: Mar 2005

    0

    deleted

    deleted

  1. jarod

    Fresh-Faced Recruit

    Joined: Apr 2005

    0

    MSFT & Security

    Umm I dont think these 2 words belong together. MSFT should STFU and die already!

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Cat B100

Cat is primarily known for its heavy-duty machinery used in the construction industry and farming, among other areas. What may not be ...

Linksys EA6900 AC Router

As 802.11ac networking begins to makes its way into more and more devices, you may find yourself considering an upgrade for your home ...

D-Link DIR-510L 802.11AC travel router

Having Internet access in hotels and other similar locations used to be a miasma of connectivity issues. If Wi-Fi was available, it wa ...

Sponsor

toggle

Most Commented

 
toggle

Popular News