S
sebastian.palm
I've been using Vista for eighteen months now, (since just after RTM,
actually), and while I was initially enthused with the new security
features promised in Vista, I've gotten pretty much disillusioned with
them. Because I think Microsoft somehow failed to understand something
terribly fundamental to userdom - the fact that Safety does NOT equal
Security, in the world of computer users...
In their own way, Windows NT and Windows 2000 were the most secure
versions of Windows there ever was, with regards to ths operating
system's security from the average *user*. Provided the operator could
follow a simple instruction: "Don't use an administrator account as a
day-to-day account", there was little he could do to truly screw stuff
up. Sure, having to log in as an "unsafe" administrator every so often
to take care of the stuff that needed privileged access was a chore,
but at least it was secure...
What Microsoft did in XP is IMO completely unfathomable - giving
J.Random XP installer, and his whole family, administrator privileges
by default. How many do you think bothered going back and changing the
access level of the regular user accounts back to User level?
Especially once XP software routinely started *assuming* it had Admin-
level privileges? Not too damned many... Thus you had most users
running "unsafe" accounts, which is pretty insecure.
I truly thought Vista would change things back, but sadly Microsoft
didn't decide on this - Vista still defaults to making the first user
an Administrator by default, and software vendors keep assuming
administrator privileges. Which, coupled with UAC, intended to provide
"safety" for administrator-level accounts, destroys security. Because
while users are now "safe" behind UAC access prompts, they can still
do anything they damned well please, or the apps they allow to run
because they no longer bother to read the annoying prompts can.
*Sigh*.
Contrast this with Linux, if you please. On most of the distributions
I've tried, the administrator account (root) is so powerful, and so
unsafe (no prompts!) that it takes even the most die-hard wannabe
poweruser all of one mistake to decide he won't ever want to be logged
in as "root" if it can be at all avoided; yet that same power is still
available at the admin's fingertips from whereever just by using the
su command. Doing it this way means a user must decide in advance to
want too use enhanced privileges - it's not, as with UAC, a matter of
reacting to an app that wants something.
IMO, the better solution for windows account security in Vista would
have been to ditch UAC entirely, and default accounts to user level -
and putting the administrator account somewhere accessible without
jumping through hoops... (beyond supplying the password, that is)
You may now all jump on me for posting something has already heard and
agreed/disagreed with.
SP
actually), and while I was initially enthused with the new security
features promised in Vista, I've gotten pretty much disillusioned with
them. Because I think Microsoft somehow failed to understand something
terribly fundamental to userdom - the fact that Safety does NOT equal
Security, in the world of computer users...
In their own way, Windows NT and Windows 2000 were the most secure
versions of Windows there ever was, with regards to ths operating
system's security from the average *user*. Provided the operator could
follow a simple instruction: "Don't use an administrator account as a
day-to-day account", there was little he could do to truly screw stuff
up. Sure, having to log in as an "unsafe" administrator every so often
to take care of the stuff that needed privileged access was a chore,
but at least it was secure...
What Microsoft did in XP is IMO completely unfathomable - giving
J.Random XP installer, and his whole family, administrator privileges
by default. How many do you think bothered going back and changing the
access level of the regular user accounts back to User level?
Especially once XP software routinely started *assuming* it had Admin-
level privileges? Not too damned many... Thus you had most users
running "unsafe" accounts, which is pretty insecure.
I truly thought Vista would change things back, but sadly Microsoft
didn't decide on this - Vista still defaults to making the first user
an Administrator by default, and software vendors keep assuming
administrator privileges. Which, coupled with UAC, intended to provide
"safety" for administrator-level accounts, destroys security. Because
while users are now "safe" behind UAC access prompts, they can still
do anything they damned well please, or the apps they allow to run
because they no longer bother to read the annoying prompts can.
*Sigh*.
Contrast this with Linux, if you please. On most of the distributions
I've tried, the administrator account (root) is so powerful, and so
unsafe (no prompts!) that it takes even the most die-hard wannabe
poweruser all of one mistake to decide he won't ever want to be logged
in as "root" if it can be at all avoided; yet that same power is still
available at the admin's fingertips from whereever just by using the
su command. Doing it this way means a user must decide in advance to
want too use enhanced privileges - it's not, as with UAC, a matter of
reacting to an app that wants something.
IMO, the better solution for windows account security in Vista would
have been to ditch UAC entirely, and default accounts to user level -
and putting the administrator account somewhere accessible without
jumping through hoops... (beyond supplying the password, that is)
You may now all jump on me for posting something has already heard and
agreed/disagreed with.
SP